CACI International Splunk Architect in Chantilly, Virginia
The CDM Program is managed within the DHS National Protection and Programs Directorate (NPPD)/Office of Cybersecurity and Communications (CS&C)/Network Security Deployment (NSD) Division, responsible for enhancing the security, resilience, and reliability of the Nation’s cyber and communications infrastructure. The DHS CDM Program mission is to safeguard and secure cyberspace in an environment where the threat of cyber-attack is continuously growing and evolving. The CDM Program defends the United States (U.S.) Federal Information Technology (IT) networks from cybersecurity threats by providing continuous monitoring sensors (tools), diagnosis, mitigation tools, and associated services to strengthen the security posture of Government networks.
The CDM Solution uses Splunk as its SIEM. This role is to be the recognized subject matter expert for configuring and administering the Splunk instance(s) that underpin the overall solution, including configuring the associated data feeds. This role also provides feedback for continuous improvement based on architectural enhancements. Since Splunk is the integration point of the CDM Solution, this position will be working very closely with the other elements of the solution (i.e. the tools and sensors, the orchestration engine and the dashboards) to ensure overall functionality.
What You’ll Get to Do:
Architect, design, set up and configure Splunk search servers, deployment servers, clustered indexers, and forwarders, as required
Design, configure and establish incoming index feeds from many disparate cyber security tools across the DHS Enterprise, including Operating System and Application level logging.
Design, configure and build a complex operations dashboard to monitor the CDM Solution Environment, including data integrity and quality checks
Design, configure and build output feeds for RSA Archer to consume based on the CDM Data Model.
Create the procedures and supervise the migration from the current distributed environment into the new consolidated environment.
Demonstrate innovative influence for projects
Problems faced are difficult and often complex
Communicates with parties within and outside of own job function
More About the Role:
Prepare status reports at least weekly and monthly and complete other reporting requirements as required
Provide QA for team members’ work
Responsible for developing, coordinating and maintaining the relevant portions of the Service Operations Handbook and holding team members accountable for following published SOPs.
Track and report on team’s performance via formal performance metrics
Responsible for providing guidance, coaching and training to other employees within technical discipline
You’ll Bring These Qualifications:
US Citizenship required
Must meet eligibility requirements for access to classified information and be clearable to a Department of Homeland Security (DHS) EOD clearance. Active DoD clearance preferred
BA/BS or equivalent years of experience and 10+ Years of relevant experience
Certification: Splunk Certified Architect
Demonstrated experience designing and implementing Enterprise level Clustered Splunk environments consuming data from lots of different sources.
Demonstrated experience designing and building complex dashboards based on Splunk to include complex logic, workflows and data transformation.
Demonstrated experience building and maintaining a complex data model to normalize incoming data sources.
Demonstrated knowledge of ITIL processes and experience leading a Cyber Operations Team using those processes
These Qualifications Would be Nice to Have:
Working knowledge of cyber security tools like the McAfee and Symantec suites, Tenable Nessus, ForeScout, RSA Archer
Agile developmental experience
Relevant DHS or .Gov Cyber Security focused experience
Clear and proven communicator and technical leader. Must be able to work well in an environment where they are facilitating a large group of government and other contractor personnel to achieve a common goal.
Detail oriented – must be able to recognize critical elements of successful operations and then hold themselves and their teams accountable for meeting those critical elements.
Flexibility – The environment is very dynamic. The Engineering Manager will be expected to keep up with the changing environment while ensuring a high level of operational effectiveness
Team Player – This role is part of a much larger team. The engineering manager will be expected to grow and develop their subordinate team members’ morale and wellbeing as well as support the overall Operations Team and Team CACI’s mission.
What We Can Offer You:
We’ve been named a Best Place to Work by the Washington Post.
Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
We offer competitive benefits and learning and development opportunities.
We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.
CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.