Splunk Developer ( R-00072611 )
The Defense Group at Leidos is seeing a Splunk Developer on our GSMO II IDIQ contract’s Joint Service Provider (JSP) Cyber Security Task Order in Alexandria, VA. JSP provides a full range of IT products, services, and solutions and customer services to the Office of the Secretary of Defense (OSD), Chairman of the Joint Chiefs of Staff (CJCS) and the Joint Staff (JS), Director of Administration (DA), Pentagon Force Protection Agency (PFPA), Washington Headquarters Services (WHS), and other OSD offices for them to meet mission and business requirements. Through the JSP Cyber Security program, JSP performs a wide variety of services and functions required to secure the information security posture for DoD services.
This task order is expected to be awarded in January with start of performance in February. This position has potential to start ahead of contract award in order to support transition in activities. An active Secret security clearance (With ability to hold TS/SCI) is required prior to start and this role will be based onsite in the Arlington, VA area. Some remote work will be allowed.
Design efficient and reusable reports and dashboards to integrate multiple mission applications’ health, performance and operational data systems into Splunk
Direct and monitor reporting in Splunk dashboards to reflect compliance status of DISA JSP with all directed information assurance vulnerability alerts and bulletins, Computer Tasking Orders, and other compulsory cyber security directives.
Create front-end automated data visualization services using Splunk
Create viewable Splunk dashboards to provide visibility into ingested log data
Create alerts that trigger/activate on configured setting to deploy or sends a note/email/attachments to a particulate destination email or groups
Create security rules (alerts) that trigger on anomalous activities or threat detections
Utilize Qmulos, Splunk, Assured Compliance Assessment Solution (ACAS), Host Based Security System (HBSS), and Tanium to assess/validate/monitor the security controls and security posture of the enterprise and system level in order to support on-going authorization.
Bachelor's degree and 8+ years of prior relevant experience. Additional experience may be considered in lieu of degree.
DoD 8570 IAM II certification
Splunk Core Certified Power User. Equivalent certification or higher
Excellent written and oral communications skills and be able to appropriately present highly technical material to both technical and non-technical audiences
An active Secret security clearance (with ability to hold TS/SCI) is required prior to start.
Prior experience as a network intrusion analyst or Security Operations Center analyst.
Experience configuring and maintaining the tool in a multi-tenant environment
Experience with one or more Security tools:
External Referral Eligible