Splunk Administrator

Job Locations: US
ID: 2022-1344
Type: Regular Full-Time
Internal/Partner Opportunity: Teaming Partner Opportunity

Overview

 

Responsibilities

  • Apply advanced analytic techniques to network traffic to identify Command and Control (C2) channels, and monitor other network traffic to detect APT and other cyber intrusions
  • Apply advanced analytic techniques to large volumes and sources of IT system logs
  • Provide security engineering and the integration and deployment of security technology to support advanced external threats, insider threats, and cyber operations
  • Develop, enhance, and deploy IT systems to the JSOC
  • Couple automated threat intelligence feeds to the Enterprise SIEM within 10 working days of the threat feed being available
  • Provide engineering and project support for: SIEM, IDS/IPS, Data Loss Prevention, Data Management, Workflow and task tracking, Memory Integrity/Analysis Systems, Endpoint Incident Response Systems, Packet Capture & Analytics Systems, Specialized Security Systems
  • Provide engineering personnel to support multiple security sensors/systems

Qualifications

  • 7+ years of experience (1 certification = 1 year of experience)
  • Splunk Administrator Certified / Splunk App Developer
  • Linux Technical Skills
  • Ansible / Python / Java Scripting Experience
  • Excellent oral and written communication skills

Work Authorization Requirements 

  • Must be a U.S. Citizen with an active Secret Clearance (minimum)
  • Top Secret Clearance is preferred but can be sponsored

 

BOOST is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.
