-
Splunk Analyst
- ManTech (Frederick, MD)
-
ManTech seeks a motivated, career and customer-oriented **Splunk Analyst** to join our team in **Ft Detrick.** This is a hybrid position with 3 days onsite and 2 days remote.
Responsibilities include but are not limited to:
+ Administration of Splunk, creating custom content with SPL, data administration in a SIEM, and performing security investigations through Splunk ES.
+ Identification of cyber threats and information security in the domains of TTPs, Threat Actors, Campaigns, and Observables.
+ Create Splunk dashboards, alarms and reports.
+ Work with tools commonly deployed in a SOC environment such as intrusion detection systems, intrusion analysis systems, security information event management platforms (SIEM), endpoint threat detection tools, and security operations ticket management.
Minimum Qualifications:
+ Bachelor’s degree in information technology, Cybersecurity, Data Science, Information Systems, or Computer Science from an ABET accredited or CAE designated institution. Six years’ experience in a related field in addition to one of the following current certifications are required: Cloud+, GICSP, SSCP, Security+, GSEC, FITSP-O, GFACT, CASP+, CCNP Security, or CCSP may be substituted for a degree.
+ Two or more years of hands-on experience with Splunk, demonstrated through work experience and/or military experience. Splunk Core Certified Power User or Advanced Power User.
+ Hands on experience with managing data sources, data alignment, and data curation. This includes troubleshooting missing events, working with data source owners to onboard new data sources and/or troubleshoot existing ones.
+ Hands on experience with dashboard and notable creation – visualizations, report generation, and general content creation.
+ Ability to develop rules, filters, views, signatures, countermeasures and operationally relevant applications and scripts to support analysis and detection efforts.
+ Strong logical/critical thinking abilities, especially analyzing security events from host and network event sources (e.g., Windows event logs, AV, EDR, network traffic, IDS events) for malicious intent. Experience with the identification and implementation of countermeasures or mitigating controls for deployment and implementation in the enterprise network environment.
+ A working knowledge of the various operating systems (e.g., Windows, Linux, etc.) commonly deployed in enterprise networks, a conceptual understanding of Windows Active Directory is also required, and a working knowledge of network communications and routing protocols (e.g., TCP, UDP, ICMP, BGP, MPLS, etc.) and common internet applications and standards (e.g., SMTP, DNS, DHCP, SQL, HTTP, HTTPS, etc.).
Preferred Qualifications:
+ An understanding in researching Emerging Threats and recommending monitoring content within security tools.
+ Experience with scripting or automation.
+ Familiarity with cloud security monitoring (e.g., AWS, Azure)
Clearance Requirements:
+ Must be a US Citizen and willing to obtain and maintain a DOD Public Trust and undergo a Tier 3 investigation with favorable results prior to starting this position.
Physical Requirements:
+ Must be able to be in a stationary position more than 50% of the time
+ Constantly operates a computer and other office productivity machinery, such as a computer
+ The person in this position frequently communicates with co-workers, management and clients, which may involve delivering presentations, and must be able to exchange accurate information in these situations
ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
If you are a qualified individual with a disability and require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please email us at [email protected] and provide your name and contact information.