ARCSight/Splunk Administrator

4 weeks ago


Fort Gregg-Adams, United States LMI Full time

Overview

LMI is seeking an experienced ARCSight/Splunk Administrator to support a Program Office for a Government Client, located in Virginia. Remote work is anticipated with travel to various Client sites as needed.

At LMI, we’re reimagining the path from insight to outcome at The New Speed of Possible™. Combining a legacy of over 60 years of federal expertise with our innovation ecosystem, we minimize time to value and accelerate mission success. We energize the brightest minds with emerging technologies to inspire creative solutioning and push the boundaries of capability. LMI advances the pace of progress, enabling our customers to thrive while adapting to evolving mission needs.

Responsibilities

Responsibilities include, but are not limited to, the following:

  • Perform all major Administrator functions to operate and tune ArcSight for current systems and prepare for migration to Splunk SIEM.
  • Coordinate and manage future Splunk SIEM migration and implementation.
  • Ensure interoperability between Splunk and new tool/sensor data feeds.
  • Design and architect logging IAW Army Cyber Technical Capabilities Requirements.
  • Provide data analysis, log analysis, and logging solution details.
  • Use the Splunk SIEM to monitor and analyze network performance and cybersecurity incidents and reports, detecting vulnerabilities, anomalies, and other issues.
  • Develop monitoring and response rules, reports, dashboards, data monitors, active channels, trends, and use cases to identify threats and optimize data mining.
  • Perform analysis of current and proposed configurations to ensure compatibility within the overall system.
  • Analyze threat information gathered from logs, Intrusion Detection Systems, intelligence reports, vendor sites, and a variety of other sources.
  • Research, plan, install, configure, troubleshoot, maintain, and back up all components in ArcSight first and, upon migration to Splunk, in Splunk.
  • Apply SIEM tool expertise to conceptualize, design, and build secure technical solutions, including operationally viable and efficient applications, systems, architectures, and infrastructure.
  • Direct the design and integration of cybersecurity toolsets to enable more automated discovery, remediation, and alerting of network and device vulnerabilities, improving the security posture while reducing manpower requirements.
  • Troubleshoot and develop solutions for anomalies, both remotely and locally, for Splunk-based solutions.
  • Experience with any or all of these technologies: Splunk, Qmulos, AMQP (RabbitMQ), Nessus, SQL Server, PostgreSQL, Red Hat Satellite, Nagios, McAfee ePO, Phantom, IPsec, PKI, ForeScout, Qualys, CA PAM/Xceedium, CyberArk, SailPoint.
  • Experience in utilizing COTS products such as the following:
  • Operating System: IBM AIX, Solaris OS, Red Hat Enterprise Linux, Microsoft Windows Server 2008/2016 and later
  • Oracle: Oracle Application Server; Oracle Grid Infrastructure; Oracle Database; Oracle Clients; Oracle SQL Developer; WebLogic
  • Data Loss Prevention: McAfee Agent; McAfee Host Intrusion Prevention; McAfee Policy Auditor; Policy Auditor Content Update; Policy Auditor Agent; SQL Server
  • COTS: Internet Explorer; Adobe Acrobat Reader X; ActivClient CAC; ActivCard Gold for CAC - PKI; ForgeRock OpenAM Java EE Policy Agent; Tivoli Client; Veritas Volume Manager & NetBackup
  • Experience assisting with Federal Government Certification and Accreditation information assurance following the Risk Management Framework (RMF) process.
  • Responsible for making moderate to significant improvements to systems or products to enhance the performance of programs and projects.

Qualifications

  • BA/BS in IT related field or equivalent experience and minimum 5 years related work experience.
  • Demonstrated experience with the integration and sustainment of the ArcSight Connector Appliance, Logger components, ArcSight Management Center, and ArcSight ESM.
  • Experience with Splunk and migration to the Cloud environment.
  • Previous experience in a Security Operations Center (SOC) environment is a plus.
  • Knowledge of administration of SIEM tools backend database infrastructure related to upgrades and daily maintenance.
  • Detail and team oriented – able to work via MS Teams and in person as needed.
  • Flexible – The environment is highly dynamic. You will be expected to keep up with the changing environment while ensuring a high level of operational effectiveness.
  • Team Player – This role is part of a much larger team and needs to stay connected and involved in the daily operations battle rhythm of the program.
  • Position will most likely be remote authorized – with the requirement to be able to travel to Fort Gregg-Adams, VA; Redstone Arsenal, Huntsville, AL; or Radford, VA, as needed for IT support or site surveys (less than 20%).
  • Must have current DOD Security Clearance - Secret


    Job Title: Info Security Systems Engineering Job Code: 11198 Job Location: Ft Wayne, IN Job Description: Essential Functions: Communicator, at the mastery level, responsible for technical briefs to Program Managers, Systems Engineering and other engineering disciplines as well as senior management on all aspects of Security Engineering Space vehicle...