Cyber Analytics Engineer (Cribl & Splunk)

Onsite | College Park, MD, Pentagon, or Reston, VA | 5 Days a Week

Active TS/SCI Clearance Required - Ability to obtain a CI Poly

Summary

Our client is an employee and Service-Disabled, Veteran-owned Small Business focused on providing niche technical services. They are a team of experienced cybersecurity professionals with a track record of success in the Federal, Commercial, and Academic workspaces. Additionally, our client designs, builds, operates, and secures scalable cloud and IT infrastructures to meet their customers’ near-term needs and fulfill their long-term requirements.

Responsibilities

Our client is seeking a skilled Cyber Analytics Engineer with expertise in Cribl and Splunk to join their team. In this role, you will develop innovative solutions to ensure secure and reliable operations of enterprise computer systems. You will implement advanced cyber defense capabilities to prevent sophisticated threats, working within a small team or independently to lead projects, guide lower-level technicians, and deliver robust security solutions. Your deep understanding of layered defense and zero trust technologies will be crucial in identifying and neutralizing advanced attack vectors.

• Develop and implement enterprise network cyber defense capabilities, including web content filters, email security, Intrusion Detection/Prevention Systems, Host-Based Security Systems, Security Incident and Event Management tools, and more
• Utilize, configure, and manage Cribl and Splunk systems to monitor and defend against cyber threats
• Perform advanced threat detection through log analysis, network flow analysis, packet capture analysis, and other cyber defense methodologies
• Provide guidance and direction to lower-level technicians and ensure successful project completion
• Collaborate with other cybersecurity professionals to develop and deploy secure, scalable network defense solutions
• Maintain and enhance network security tools and protocols, including firewalls, proxies, antivirus software, and access control lists
• Lead efforts to automate security configurations for Linux and Windows systems, and recommend remediation for non-compliant security controls
• Ensure compliance with STIGs, SCAP, and other cybersecurity best practices

Requirements

• 3+ years of experience with Cribl and Splunk systems administration
• Experience with Windows and Linux, including installing, configuring, and maintaining server operating systems and applications
• Experience working with STIGs, SCAP, and cybersecurity best practices

Preferred Requirements

• Experience with VMWare
• Experience with big data analytics, machine learning, artificial intelligence, or anomaly detection
• Experience scripting in PowerShell, BASH, Python, or Perl
• Experience in a consulting or client-facing environment
• Ability to automate security configurations and recommend remediation for non-compliant security controls
• Excellent verbal and written communication skills, including the ability to present complex ideas effectively

Education/Certification Requirements

• A HS diploma or GED with 7+ years of experience in cyber engineering, or equivalent experience through Associate's, Bachelor's, or Master’s degree in a related field
• DoD 8570.01-M Information Assurance Technician (IAT) Level II Certification, such as Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND
• DoD 8570.01-M Cyber Security Service Provider - Infrastructure Support Certification, such as CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND

Clearance Requirements

• Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; an active TS/SCI clearance is required with the ability to obtain a CI Poly.