Security Engineer III, Splunk Content Engineer (Secret Clearance)
PowerToFly • Virginia, Minnesota, United States
This job offer is no longer available
About
Work you'll do
As a Security Engineer III on the Government & Public Services team, you will be responsible for...
- Implementing automation to optimize workflows and improve security response uniformity across client environments
- Developing content for security platforms such as Splunk, Archer, Tanium, Trellix, FireEye, and CrowdStrike
- Building, implementing, and managing security information and event management correlation rules, logic, and content
- Tuning security information and event management rules and logic to reduce false positives, known errors, and expected network behavior
- Creating scheduled and ad hoc reporting, maintaining event schemas, and applying customized security severity criteria
The team
Deloitte's Government & Public Services (GPS) practice - our people, ideas, technology and outcomes - is designed for impact. Serving federal, state, & local government clients as well as public higher education institutions, our team of professionals brings fresh perspective to help clients anticipate disruption, reimagine the possible, and fulfill their mission promise.
Our Cyber Defense & Resilience offering assists clients in defending against advanced threats by transforming security operations, monitoring technology, data analytics, and threat intelligence. It helps manage and protect dynamic attack surfaces and provides rapid crisis and cyber incident response, ensuring clients can be ready for, respond to, and recover from business disruptions.
The Project Delivery Talent Model is designed for professionals with specialized skills that align to a current client need. Team members focus on delivering services to clients, without additional expectations related to business development or promotion. Their employment is tied to their role on a project, and they are eligible for a benefits package that is competitive for project delivery-focused professionals.
Qualifications
Required
- Bachelor's Degree required.
- Active Secret Clearance required.
- Ability to work onsite in Herndon, VA up to 3 days a week.
- 2+ years of experience within the following:
  - Developing, implementing, and managing security information and event management correlation rules and content
  - Experience building and implementing event correlation rules, logic, and content in a security information and event management environment
  - Experience tuning event correlation rules and logic to filter security events associated with known network behavior, false positives, and known errors
  - Experience maintaining an event schema with customized security severity criteria
  - Experience creating scheduled and ad hoc reporting with security information and event management tools
  - Experience with security information and event management technologies and event collector deployments in Windows and Linux operating environments
- Ability to travel 15%, on average, based on the work you do and the clients and industries/sectors you serve.
- Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.
Preferred
- Experience creating content for one or more of the following tools: Splunk, Archer, Tanium, Trellix, FireEye, or CrowdStrike
- Experience supporting cyber defense, security operations, or incident response environments
- Experience working with government clients or within regulated environments
- Experience automating security workflows and operational processes
- Experience leading technical workstreams or junior team members
Languages
- English