Cyber Security Engineer III-IV (Splunk Content Developer/ES Search head Admin)
Company: Navy Federal Credit Union
Location: Winchester
Posted on: April 20, 2024
Job Description:
Overview:
We are looking for a Splunk Content Developer/ES Search head Admin that can come in to take ownership of day-to-day Operations with minimal spin-up time. The successful candidate will be a member of a high performing team of certified Splunk Enterprise and Splunk ES administrators. You will partner with additional teams within Navy Federal Credit Union to protect the Navy Federal brand, data, and IT assets from cyber-based threats in support of our Cybersecurity Operations Center (CSOC) and its associated programs. You will serve as the technical interface to customers (analysts) for Splunk and Splunk ES, articulating technology and product positioning to both business and technical users. Successful candidates will work independently, must be self-starting, self-motivated individuals, be accountable and timely in their production and status reporting, and communicate effectively both in writing and when speaking to groups. You will be expected to work to build and maintain relationships within and outside of the CSOC; all team members share this duty. This position will require a high level of attention to detail to the work performed, following process, and detailed updates/documentation using Jira.

Responsibilities:
- Developing notable events, visualizations, forms, reports, alerts, and dashboards to identify adversarial activity
- Build and implement event correlation rules, logic, and content in the SIEM
- Configure notable event actions, action menus and Adaptive Responses
- Tune SIEM event correlation rules and logic to filter out security events associated with known and well-established network behavior, known false positives and/or known errors
- Create and support the creation of SIEM Use Cases and understand what alerts and log enrichment are necessary to meet the required acceptable false positive rate
- Translate feedback from the business to Splunk technical requirements and solutions
- Normalize data to ensure CIM compliance, and align with data models to accelerate queries, dashboards, and correlation searches
- Maintain Splunk Apps, Technology Add-ons as required by Splunk ES upgrades
- Research and look for opportunities to adopt the best practices and industry standards to enhance the SIEM, Fraud, and SOAR platforms
- Monitor system stability and performance and ensure system availability, reliability, and usability
- Troubleshoot and resolve Splunk-related technical issues, partnering with IT and SOC teams as needed
- Always provide professional and courteous service with excellent verbal and written communications skills
- Participate in on-call rotation and respond to incident alerts
- Stay abreast of the latest Splunk features, technologies, and industry trends, and make recommendations for continuous improvement
- Follow Change & Configuration Management procedures in relevant tools (e.g. Jira, SNOW, etc.)
- Ensure the completion of tasks and update tickets accordingly

Qualifications:
- Bachelor's degree in Computer Science, Information Systems, Cybersecurity or comparable field of study, and/or equivalent work experience
- Six (6) to eight (8) years of experience with Splunk in distributed deployments and at least two (2) years of experience in Splunk Cloud environments
- At least three (3) years of experience with Splunk Enterprise Security
- Current Splunk Enterprise Certified Admin certification
- Current Splunk Enterprise Security Certified Admin certification
- Proficient at data administrative activities including parsing and normalizing events to the Splunk Common Information Model (CIM)
- Proficiency aligning data to Splunk-developed add-ons for Windows, Linux, and common third-party devices and applications
- Superb communication skills (both oral/written) including the ability to clearly communicate technical topics and risk to an audience that can include both engineers and executives
- Strong problem-solving abilities with an analytic and qualitative eye for reasoning under pressure
- Experience with SIEM and/or SOAR platforms, including the development of automations and integrations
- Self-starter with the ability to independently prioritize and complete multiple tasks with little to no supervision
- Knowledge of JIRA and Confluence
- Knowledge of Change Management processes
- Hands-on experience in an agile environment

Desired Qualifications and Education Requirements:
- Current Splunk Enterprise Certified Architect
- Current Splunk Core Certified Consultant
- Expert-level knowledge and ability with Splunk Enterprise Security or integration with other Security Information and Event Management (SIEM) platforms
- Knowledge of scripting languages like Python
- Experience in the banking or finance industries a plus
- Knowledge of version control practices and experience with version control software products (e.g. Git, Bitbucket, etc.)
- Relevant cybersecurity certifications (e.g. CISSP, GCIA, GCIH, GCED, or similar)
- At least three (3) years of experience in Cybersecurity, InfoSec, Security Engineering, Network Engineering with emphasis in Cybersecurity in the following areas:
  - In-depth knowledge of operating systems logs (Windows servers and workstations, AIX/Linux/Solaris, and Apple Mac)
  - In-depth knowledge of network appliance logs (Firewalls, routers & switches)
  - Incident Response analysis
  - Network Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)
  - Security Orchestration Automation and Response (SOAR)
  - Endpoint and Network Detection and Response (EDR/NDR)
  - User Behavior Analytics (UBA)
  - Network and Host malware detection and prevention
  - Network and Host forensic applications
  - Web/Email gateway security technologies

Hours: Monday - Friday, 8:00AM - 4:30PM

Location:
- 820 Follin Lane, Vienna, VA 22180
- 5550 Heritage Oaks Dr. Pensacola, FL 32526
- 141 Security Dr. Winchester, VA 22602

Job postings are subject to close early or extend out longer than the anticipated closing date at the hiring team's discretion based on qualified applicant volume.

About Us:
You have goals, dreams, hobbies, and things you're passionate about; what's important to you is important to us. We're looking for people who not only want to do meaningful, challenging work, keep their skills sharp and move ahead, but who also take time for the things that matter to them: friends, family, and passions. And we're looking for team members who are passionate about our mission: making a difference in military members' and their families' lives. Together, we can make it happen. Don't take our word for it:
- Military Times 2022 Best for Vets Employers
- WayUp Top 100 Internship Programs
- Forbes - 2022 The Best Employers for New Grads
- Fortune Best Workplaces for Women
- Fortune 100 Best Companies to Work For
- Computerworld - Best Places to Work in IT
- Ripplematch Campus Forward Award - Excellence in Early Career Hiring
- Fortune Best Place to Work for Financial and Insurance Services

Equal Employment Opportunity: Navy Federal values, celebrates, and enacts diversity in the workplace. Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans. EOE/AA/M/F/Veteran/Disability

Disclaimers: Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need. An assessment may be required to compete for this position. Navy Federal Credit Union assesses market data to establish salary ranges that enable us to remain competitive. You are paid within the salary range, based on your experience, location and market position.

Bank Secrecy Act: Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.