Overview

At Criterion Systems, we developed a different kind of business: a company whose real value is a reputation for excellence built upon the collective skills, talents, perspectives, and backgrounds of its people. By accepting a position with Criterion Systems, you will join a group of professionals with a collaborative mindset where we share ideas and foster professional development to accomplish our goals. In addition to our great culture, we also offer competitive compensation and benefit packages, company-sponsored team building events, and advancement opportunities. To find out more about how Criterion can help you take your career to the next level, please visit our website: www.criterion-sys.com . Criterion Systems is a Military/Veteran Friendly Company; therefore, we encourage Veterans to apply.

Responsibilities

We are seeking a SIEM Engineer to support and contribute to our government customer's success in Las Vegas, NV! The SIEM Engineer will become an integral part of the Enterprise Detection Engineering team focused on delivering innovative solutions which enhance the capabilities of the Security Operations Center to detect and identify threat activity and system intrusions. This job will involve a range of Splunk development and configuration activities including system deployment, Splunk app implementation, data on-boarding, and other Splunk integrations. Development projects employ DevOps practices and Agile methodologies to ensure timely delivery of solution improvements aligned with customer requirements. This role will be responsible for working closely with Engineering teams to identify, design, implement, and test automated processes for solution delivery. A strong IT background, as well as knowledge of Linux administration services, is very beneficial.

Duties, Tasks & Responsibilities

* Work closely with SOC, Architecture, Engineering, and project stakeholders to deliver needed solutions in a timely manner.
* Develop and maintain detailed technical documentation which includes solution requirements, use cases, system dependencies, test plans, build and deployment processes, usage guides, build artifacts, and release notes.
* Collaboratively design and implement custom SIEM solutions which satisfy project requirements.
* Work with Splunk Engineers, Security Engineers, and other facets of engineering to coach and mentor in SIEM best practices, troubleshooting, and other SIEM issues that arise.
* Complete tasks given by management and federal leadership to support the NNSA Mission.
* Implement, maintain, and support 24x7x365 SIEM operations for SOC monitoring and alerting.
* Serve as the final POC for SIEM troubleshooting and issues before SIEM Vendor Support is engaged.
* Conduct continuous health monitoring of Splunk clusters and environment as day-to-day tasks and solve issues as they are discovered/alerted.
* Stay up-to-date on the latest SIEM best practices, troubleshooting steps, and known issues with SIEM technology to ensure continued operations.

Qualifications

Required Experience, Education, Skills & Technologies

* U.S. Citizenship is required (no dual citizenship permitted).
* Must have an active DOE Q or TS security clearance or must have the ability to obtain a DOE Q security clearance.
* Bachelor's Degree in Computer Science, Information Systems, Information Security or related technical discipline, OR 4 years professional IT experience may be used in lieu of degree.
* Five (5) years of relevant work experience with a preference in Security/Dev Ops engineering.
* Experience deploying, configuring, and managing clustered SIEM deployments.
* Experience with troubleshooting and understanding common SIEM methodologies for troubleshooting.
* Experience with SIEM technology in a large and clustered environment.
* Understand general common schemas used within various SIEMs and how they fit into the SIEM environment.
* Understand data ingestion pipelines and ability to troubleshoot data ingestion issues.
* Experience with standardized and centralized logging and filtering (SIEM, syslog).
* Experience on-boarding various data sources into a SIEM using multiple input techniques.
* Experience developing and maintaining health monitoring for a large SIEM deployment and data sources.
* Experience navigating via the command-line interface.
* Experience with DevOps platforms and tools such as: Jira, git, Jenkins, Ansible.
* A strong understanding of git, Bitbucket, or similar technologies.
* Experience with virtualization of SIEM technology on modern-day virtualization platform offerings.
* Modern programming skills in any language, including version control, test-driven development, and debugging.
* Knowledge, experience, and scripting skills (Bash, Python, PowerShell, etc.).
* Familiarity with the fundamentals of agile project management.
* Familiar with compliance frameworks, security best practices, and product security baselines.
* Experience using configuration management tools in a production environment (Ansible, Chef, Puppet, etc.).
* Strong IT background, including networking fundamentals and systems.
* Comfortable learning independently and asking for help.
* Superb written and oral communication skills.
* Ability to communicate with stakeholders of varying technical and non-technical skillsets.
* Must obtain and maintain compliance with NICE 800-181 certification (e.g. CISM, CCISO, CISSP) within six (6) months following your date of hire.

Preferred Experience, Education, Skills & Technologies

* Splunk Enterprise Certified Architect
* Splunk Enterprise Certified Admin
* Splunk Certified Power User or extensive experience with Splunk dashboards, onboarding, and integrations
* Linux+ or similar familiarity with Linux systems via command-line interface (CLI)
* Experience onboarding a variety of vendor and custom data sources into the Common Information Model
* Experience contributing to information technology and security projects, in particular projects which require coordination with developers, engineering domains, and service stakeholders.
* Experience with usage and development of solutions for big data platforms such as Splunk
* Experience working in a closed / highly secure / regulated environment.
* Strong background in secure development principles and methodologies of software security
* Familiarity with DevOps culture, policies, and practices.
* Familiar with cloud computing platforms like Azure, AWS, and GCP.
* Experience with automation, scripting, and programming.
* Understanding of Unit Testing and Integration Testing with production experience.
* Knowledge and experience of statistical methodologies
* Industry certifications for security engineering, cyber security, big data analytics

Certifications:

* CySA+
* Security+
* Splunk Certified Admin
* Splunk Certified Power User

Security Clearance Level:

* Ability to obtain a clearance (Active DOE Q OR TS clearance preferred).

Work Schedule:

* Hybrid
* On-call engagements due to 24x7x365 monitoring and support for SOC

Pay Rate

* The projected compensation range for this position is $80,000 - $110,000. Please note that the salary information is a general guideline only. Criterion Systems considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/training, key skills as well as market and business considerations when extending an offer.

Benefits Offered

* Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Tuition/Training Assistance, Parental Leave, Paid Time Off, and Holidays.

Criterion Systems, LLC and its subsidiaries are committed to equal employment opportunity and non-discrimination at all levels of our organization. We believe in treating all applicants and employees fairly and make employment decisions without regard to any individual's protected status: race, ethnicity, color, national origin, ancestry, religion, creed, sex/gender, gender identity/gender expression, sexual orientation, physical and mental disability, marital/parental status, pregnancy (including childbirth, lactation, and related medical conditions), age, genetic information (including characteristics and testing), military and veteran status, or any other characteristic protected by law. For our complete EEO/AA and Pay Transparency statement, please visit https://careers-criterion-sys.icims.com/.