Are you interested in learning new technologies and creating new IT security capabilities?
Do you want to be empowered to take ownership and have a stake in the overall security and assessment of the IT infrastructure?
If so, we’re looking for someone like you to join our team at APL!
We are seeking a Splunk Security Engineer to be part of APL’s Classified IT Services team. We provide technical expertise to meet compliance and security objectives in environments that require Audit & Logging Tool Administration & Operations, Auditing & Incident Identification, and Incident Response Coordination. Our collaborative workplace promotes learning and growth and fosters team spirit!
The Splunk Security Engineer will be a valued member of a team responsible for the overall engineering, operations, and maintenance of a Splunk environment spanning five classified security enclaves. The environments consist of forwarders, indexers, search heads, centralized log servers, and varying data ingests. You will coordinate operational responsibilities to include security and performance. You’ll support the full system engineering life-cycle of the environment, including requirements analysis, design/architecting, integration, testing, documentation, and implementation.
As a Splunk Engineer, you will…
Participate in the development of security-focused content for our Splunk implementations across five classified DoD networks. Coordinate with the security operations team and customers across APL to build threat detection logic and dynamic operational dashboards. Assist with architecting log management and data ingest solutions to ensure they are scalable and efficient. Work with customers to onboard data sources and fully configure the security information and event management (SIEM) or security event management (SEM) to meet enterprise security and governance requirements. Assist with leading technical discussions with stakeholders and help manage client expectations, develop sophisticated reporting, and perform requirements management for stakeholders. Analyze and make recommendations for Risk Management Framework (RMF) compliance requirements.
Operate and maintain the Splunk operational architecture, to include the management of centralized log servers and reporting systems. Leverage expertise in governance, security technologies, information security, and networking to interact with clients and senior management regarding the current and future state of the Splunk architecture. Lead production support, management of the system hardware, and configuration of the underlying operating systems to meet scalability requirements while maintaining performance and stability. Leverage automation techniques and develop scripts to manipulate data repositories to support data and threat analysis. Develop documentation supporting management procedures and implementation guides for Splunk-based solutions.
Leverage programming skills (e.g., CSS, HTML, JavaScript, Python, shell scripting) to automate security tools management. Build customized applications within Splunk such as searches, audit scripting, and visualization. Implement and manage Splunk add-ons to maximize capabilities, such as machine learning and advanced threat detection. Expertly leverage the Splunk Machine Learning Toolkit (MLTK) and the Splunk Search Processing Language (SPL) to develop network or entity-based anomaly detection alerting.
Assist with the Assessment and Authorization (A&A) of the Splunk environment. Perform risk assessments and Security Test & Evaluations (ST&E) of Splunk components and equipment under the IAVM and vulnerability management program. Review systems to identify potential security weaknesses, recommend improvements, and implement changes. Work with the Vulnerability Management team to remediate findings from Assured Compliance Assessment Solution (ACAS)/Nessus and Host-Based Security Solution (HBSS) scans, and other automated and manual assessment tools such as DoD Security Technical Implementation Guides (STIGs). Submit change requests for system components, develop a Plan of Action and Milestones (POA&M), and create documentation in support of RMF accreditations.
Perform log auditing and log management. Work closely with the operations team to monitor systems and environments for security incidents and general security operations. Track and help implement responses and actions to address operational and communication orders from governing organizations. Provide expert analysis of records to prevent or detect anomalies, or possible adverse events. Identify data accessed, destination and source addresses, timestamp, user login information, and specific sequence of activities in order to formulate courses of action and/or responses.
Qualifications
You will meet the minimum requirements if you have…
You will go above and beyond our minimum requirements if you have…
Why work at APL?
The Johns Hopkins University Applied Physics Laboratory (APL) brings world-class expertise to our nation’s most critical defense, security, space and science challenges. While we are dedicated to solving complex challenges and pioneering new technologies, what makes us truly outstanding is our culture. We offer a vibrant, welcoming atmosphere where you can bring your authentic self to work, continue to grow, and build strong connections with inspiring teammates.
At APL, we celebrate our differences and encourage creativity and bold, new ideas. Our employees enjoy generous benefits, including a robust education assistance program, unparalleled retirement contributions, and a healthy work/life balance. APL’s campus is located in the Baltimore-Washington metro area. Learn more about our career opportunities at www.jhuapl.edu/careers.
About Us
APL is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, creed, color, religion, sex, gender identity or expression, sexual orientation, national origin, age, physical or mental disability, genetic information, veteran status, occupation, marital or familial status, political opinion, personal appearance, or any other characteristic protected by applicable law. APL is committed to promoting an innovative environment that embraces diversity, encourages creativity, and supports inclusion of new ideas. In doing so, we are committed to providing reasonable accommodation to individuals of all abilities, including those with disabilities. If you require a reasonable accommodation to participate in any part of the hiring process, please contact [email protected]. Only by ensuring that everyone’s voice is heard are we empowered to be bold, do great things, and make the world a better place.