This is a remote position.
Rate: DOE
Duration: 2 months, Fully Remote
Location: Dallas, TX
Citizenship Required by Federal Contract
Pre-Qualifying Questions:
1. Do you have the required skills?
2. Are you eligible to work on a government project?
Skills:
- At least 5 years of experience in the IT industry with strong technical knowledge of AWS infrastructure & security services (EC2, ELB, GuardDuty, Conf.
- Hands-on experience in Terraform IaC deployments and ability to implement security automation.
- Strong experience working on enterprise security solutions such as WAF, IPS, DDoS and SIEM.
- Good technical experience managing products like Splunk Enterprise Security, Tenable Nessus, Palo Alto firewall, Cortex XSOAR.
- Good understanding of security controls related to regulatory requirements such as NIST, PCI, ISO 27001, HIPAA compliance, etc.
- Architecture certification (Google, Amazon, Azure) from a major cloud platform.
- Information Security Certification is a plus: ISO 27001, CISSP or CISM or other equivalent.
- Experience working on FedRAMP-compliant projects is a plus.
- Senior Terraform and Ansible scripting.
- Must be eligible to work on a government project
Requirements:
Cloud Security SME specialized in Splunk ES and XSOAR
Splunk skillset Requirements:
- Strong hands-on working experience in Splunk installation and UNIX management, Splunk architecture and components including search heads, indexers and forwarders.
- Installed, configured and maintained Splunk add-ons and apps such as, but not limited to: Splunk Add-on for AWS, Splunk Add-on for Windows and Google Workspace for Splunk.
- Creation of new dashboards, reports or analytics
- Managed a clustered environment with multiple indexers and search heads.
- Administered both Splunk Enterprise and Splunk Enterprise Security.
- Worked closely with various Security and Platform Engineering teams to onboard new data from various sources.
- Creation of new alerts, custom rules.
- Maintaining the security of Splunk and its related components and indexes
- Maintaining current patch levels for all Splunk components, including the Linux host OS patching and upgrading
- Performing major version upgrades, including the Linux host OS and Splunk components, as necessary
- Troubleshooting and resolving Splunk issues as necessary
Candidates with Splunk Enterprise Security Certified Admin or Splunk Certified Cybersecurity Defense Analyst certification will be preferred.
XSOAR skillset Requirements:
- Experience in XSOAR with ability to configure existing and/or create new Incident Types, Incident Fields, Classifications & Mappings
- Ability to build new or modify existing Playbooks, including implementation of Generic Polling and similar tasks
- Ability to configure and manage Threat Intelligence Management (TIM) features in XSOAR
- Palo Certified Security Automation Engineer (PCSAE) preferred
What You Bring To The Team:
- Can work autonomously and deliver with minimal supervision from a set of requirements
- Demonstrated ability to think strategically about business, product and technical challenges
- Has excellent communication skills to work as a member of a team
- Ability to function in an agile-based environment and provide good daily feedback on team stand-up call
- Good communication skills, verbal / written
Deliverables:
- Process Flows
- Mentor and Knowledge transfer to client project team members
- Participate as primary, co- and/or contributing author on any and all project deliverables associated with their assigned areas of responsibility
- Participate in data conversion and data maintenance
- Provide best practice and industry-specific solutions
- Advise on and provide alternative (out of the box) solutions
- Provide thought leadership as well as hands-on technical configuration/development as needed.
- Participate as a team member of the functional team
- Perform other duties as assigned.
Full Time