
Splunk Analyst with Security Clearance


TekSynap

2024-09-28 12:39:08

Job location Fort Belvoir, Virginia, United States

Job type: fulltime

Job industry: I.T. & Communications

Job description

Responsibilities & Qualifications

Responsibilities
Utilize the Splunk Architecture to perform assessments of systems and networks within the network environment or enclave and identify where those systems/networks deviate from acceptable configurations, enclave policy, or local policy.
Analyze network and computer system weaknesses, exposure, and vulnerabilities to provide recommendations for mitigation strategies.
Support incident response, mitigation, and investigation actions.
Responsible for performing Enterprise security audit functions for all assets to include vulnerability assessments, risk analysis, compliance assessment, and maintenance of the security auditor toolkit.
Accountable for Security Assessment reporting and recommending mitigation strategies.
Responsible for the Splunk Architecture integration of security products such as, but not limited to, HBSS, ArcSight, Tenable Nessus & Security Center, Solarwinds, MS System Center Configuration Manager (SCCM), and INSCOM / GISA's current ticketing system.
Reports and Visualizations Management: The contractor shall generate reports, dashboards, visualizations, alerts, etc. to support INSCOM's ability to perform auditing, continuous monitoring, and Information Operations Intelligence utilizing the Splunk Architecture.
Support security-related investigations via Splunk App for Enterprise Security and additional Splunk apps as they apply.
Enact incident response and remediation workflows from Enterprise Security, customize queries, and promote advanced searching, forensics and analytics.
Provide Splunk related support during Security Controls Assessment (SCA), Command Cyber Readiness Inspection (CCRI), JWICS Cybersecurity Inspection Program (JCIP) and other inspections or assessments of INSCOM audit capabilities.
Perform agnostic of the technology and meet the requirements for the position. IAW responsibilities of a SOC Data Analyst as defined under DOD 8140 DCWF roles with a focus on Splunk to include but not limited to:
Delivery of Splunk Reports, Splunk Dashboards, Splunk Visualizations, Splunk Event Alerts.
CPEM (FISMA) report quarterly in two formats, (1) Dashboard (dynamic) and (2) IC DIA directed format (static).
Annual ICS 500-27 observability and compliance assessment.
Annual CNSSD 504 Annex A observability and compliance assessment.

Required Qualifications
Must hold and maintain an active U.S. Government Top Secret security clearance with eligibility for SCI.
Must have a DOD 8570/8140 CSSP Analyst Certification and one of the following Computer Environment (CE) Certifications (Splunk Admin, Advanced Power User certification, Cybersecurity Defense Analyst)
Be familiar with relevant U.S. Government, U.S. Department of Defense, U.S. Intelligence Community, and U.S. Army Cybersecurity regulations and compliance standards.
Abilities:
Analyze data sources to provide actionable recommendations.
Collect metrics and trending data.
Develop strategic insights from large data sets.
Present technical information to technical and non-technical audiences.
Manipulate and clean large, disparate datasets for bulk analysis to identify connections.
Read, interpret, write, modify, and execute scripts, macros, and functions.
Conduct queries and develop algorithms to analyze data structures.
Generating queries and reports
Identifying hidden patterns or relationships.
Use basic descriptive statistics and techniques (e.g., normality, model distribution, scatter plots).
Use data analysis tools (e.g., Excel, STATA, SAS, SPSS).
Use query languages such as SQL (structured query language).
Use risk management processes (e.g., methods for assessing and mitigating risk).
Ability to interpret and incorporate data from multiple tool sources.
Ability to use data visualization tools.
Skills and Knowledge:
Skill in conducting queries and developing algorithms to analyze data structures.
Skill in generating queries and reports.
Skill in identifying hidden patterns or relationships.
Skill in using basic descriptive statistics and techniques (e.g., normality, model distribution, scatter plots).
Skill in using data analysis tools (e.g., Excel, STATA, SAS, SPSS).
Knowledge of query languages such as SQL (structured query language).
Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
Knowledge of cyber threats and vulnerabilities.
Knowledge of computer networking concepts and protocols, and network security methodologies.
Knowledge of data mining and data warehousing principles.
Knowledge of specific operational impacts of cybersecurity lapses.
Knowledge of how to collect, store, and monitor data.
Knowledge of how to structure and display data.
Knowledge of how to use data to tell a story.

Overview
We are seeking a Splunk Analyst to join our team supporting Splunk Support Services at INSCOM. TekSynap is a fast-growing high-tech company that understands both the pace of technology today and the need to have a comprehensive, well-planned information management environment. "Technology moving at the speed of thought" embodies these principles - the need to nimbly utilize the best that information technology offers to meet the business needs of our Federal Government customers. We offer our full-time employees a competitive benefits package to include health, dental, vision, 401K, life insurance, short-term and long-term disability plans, vacation time and holidays. Visit us at . Apply now to explore jobs with us!

Additional Job Information

WORK ENVIRONMENT AND PHYSICAL DEMANDS
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of the job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.
Location: Fort Belvoir, VA
Type of environment: Office
Noise level: Low
Work schedule: Schedule is day shift Monday - Friday. May be requested to work evenings and weekends to meet program and contract needs.
Amount of Travel: Less than 10%

PHYSICAL DEMANDS
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to use hands to handle, feel, touch; reach with hands and arms; talk and hear. The employee is regularly required to stand; walk; sit; climb or balance; and stoop, kneel, crouch, or crawl. The employee is regularly required to lift up to 10 pounds. The employee is frequently required to lift up to 25 pounds; and up to 50 pounds. The vision requirements include close vision, distance vision, peripheral vision, depth perception, and ability to adjust focus.

WORK AUTHORIZATION/SECURITY CLEARANCE
US Citizen
Top Secret Clearance with SCI eligibility

OTHER DUTIES
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

EQUAL EMPLOYMENT OPPORTUNITY
In order to provide equal employment and advancement opportunities to all individuals, employment decisions will be based on merit, qualifications, and abilities. TekSynap does not discriminate against any person because of race, color, creed, religion, sex, national origin, disability, age, genetic information or any other characteristic protected by law (referred to as "protected status"). This nondiscrimination policy extends to all terms, conditions, and privileges of employment as well as the use of all company facilities, participation in all company-sponsored activities, and all employment actions such as promotions, compensation, benefits, and termination of employment.
