ASRC Federal is seeking a Security Information and Event Management (SIEM) candidate with Splunk/ArcSight/ElasticSearch experience for a position as part of a team supporting the Defense Information Security Agency (DISA) at Ft. Meade, Maryland. Current work is onsite 2-3 days per week, but the candidate would need to be able to support a 5-day-a-week schedule if mission needs dictate. The position offers an opportunity to work alongside Splunk SMEs and learn about moving from an on-premises solution to a cloud solution (AWS). This is a fantastic opportunity to grow skills while the migration is in the early stages.
Primary responsibilities will include, but are not limited to:
* Helps prepare, publish, and continuously maintain the on-site support requirements list deliverable, the software code and associated documentation deliverable, the cyber situational awareness tools, scripts, and analytics maintenance plan deliverable, and the analytics repository deliverable.
* Provides all on-site support to each cyber operational stakeholder team during regular business hours at the specified location. The on-site support shall function as the embedded Subject Matter Expert at their operational location for current and future UCSA tools.
* Applies business process improvement practices to reengineer methodologies/principles and business process modernization projects.
* Applies, as appropriate, activity and data modeling, transaction flow analysis, internal control and risk analysis and modern business methods and performance measurement techniques.
* Assists in establishing standards for information systems procedures. Develops and applies organization-wide information models for use in designing and building integrated, shared software and database management systems.
* Constructs sound, logical business improvement opportunities consistent with corporate Information Management guiding principles, cost savings, and open system architecture objectives.
* Analyzes and recommends resolution of security/IA problems on the basis of knowledge of the major IA products and services, an understanding of their limitations, and knowledge of the IA disciplines.
* BA/BS in a technical discipline with at least 8 years of experience; additional experience may be considered in lieu of a degree. Can be waived for the right candidate.
* Qualified IA personnel IAW DoDD 8570 and DoDD 8140, minimum of IAT II.
* Demonstrated expertise in Federal Government Security Event Management is absolutely necessary.
* Ability to assimilate new technologies quickly using existing knowledge
* Experience in providing technical expertise on executive-level project teams and developing technical solutions to complex problems to support the customer's mission success.
* Must have experience troubleshooting, administering, and maintaining large Splunk / ArcSight / ElasticSearch solutions
* Active Top Secret Clearance Required
* US Citizen
* Occasional travel required
* Splunk Admin or Splunk Professional certified
* Experience/knowledge in statistical and analytical modeling
* Experience with DISA Network Enclaves
* Experience with such methodologies as IDEF 0 process modeling and IDEF 1x data modeling
* Experience architecting and implementing distributed search capabilities