Cyber Security Administrator
McChord Air Force Base, WA

Job Description

Job Summary:

The Executive Airlift Communications Network (EACN) cyber security team provides End Point technologies support and expertise including, but not limited to, Splunk, McAfee HBSS (ePO), MS EMET, Tenable ACAS (Nessus) scanners and Security Center, IDS/IPS, Firewall, and more.

Role and Responsibilities:

* Drive complex security focused deployments of Splunk while working side by side with the customer to solve their unique problems.
* Responsible for designing, implementing, and optimizing Splunk deployments.
* Assist the ACAS management team with ACAS software configuration, maintenance, scanning, and reporting.
* Administer, manage, monitor, and maintain HBSS server installation to include: Rules, extensions and detailed reporting. Integrate HBSS alerts, logs, and data feeds into defined processes and procedures such as ID analysis, auditing, etc.
* Managing and monitoring firewalls and providing reports as required.
* Work with our customer to understand their security posture and requirements.
* Support our security deployments by unlocking the potential of Splunk to assist our customers in achieving their Cyber Security strategy.
* Collaborate across the entire organization to bring access to product and technical teams to get the right solution delivered and drive innovation gathered from customer input.
* Leverage previous experiences, share best practices, and create innovative solutions to push user adoption and maximize the value of Splunk.
* Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
* Lead root cause analysis of critical events for improving preventative and reactive processes.
* Experience using trouble ticketing solutions such as Remedy.
* Constantly work to increase EACN's security posture with new technologies, while maintaining current tool sets and utilizing them to the fullest.

Position Requirements:

* 1-3+ years expertise in the deployment, configuration, and operations of Splunk.
* 1-3+ years of hands-on experience with security monitoring tools such as log collection and searching, IPS/IDS, firewalls, HBSS (ePolicy Orchestrator), ACAS (Nessus), etc.
* 1-3+ years of professional experience with system administration and System Information and Event Management (SIEM) technologies/integrations.
* Perform advanced searching and reporting to help customers with the implementation of specialized/custom dashboards.
* Ability to build custom Splunk Applications, perform custom parsing of non-structured log files, and create custom automations through different scripting languages.
* Experience in the use of network monitoring tools with a strong understanding of network protocols.
* Experience in working with other security technologies to develop use cases, data models, and connectors within Splunk to meet overall program objectives.
* Experience with Linux shell, CLI, RegEx, Splunk .conf, and Splunk Dashboard skills a plus.
* Technical writing/creation of formal documentation such as reports, training material, and architecture diagrams.
* Ability to perform security analysis, development and implementation of security policies, standards and guidelines.
* Ability to quickly explore, examine, and understand complex security problems.
* Experience with both the Linux and Windows operating systems.
* Comfortable working with command line interface.
* Ability to listen and collaborate with audiences ranging from IT administrators to executive level customers.
* Self-motivated and self-educating, yet willing and able to work collaboratively with both customers and team members.
* Well organized with a healthy sense of urgency, able to set, communicate, and meet aggressive deadlines with competing priorities.
* Understanding of TCP/IP and networking fundamentals.

Education:

* BS preferred in computer science, information systems, information assurance, or equivalent work experience.
* Splunk administrator certification a plus.
* DISA HBSS 201 and 301 courses a plus.
* Certified Ethical Hacker certificate a plus.

Qualifications:

* Active Secret Clearance Required.
* DoD 8570 Certification Required, CompTIA Security+ or higher.
* Intermediate Experience working with Windows and Linux Server Operating Systems.
* Strong skillset with MS Office Products.
