Splunk Security Engineer

Job Description:

The United States Department of Agriculture (USDA), Office of the Chief Information Officer (OCIO), Information Security Center (ISC) serves and supports USDA Agencies and Offices by helping to protect mission-critical assets and information, thereby securing the Country’s diverse food, agriculture, rural and natural resources programs. The ISC monitors and protects USDA’s systems by keeping abreast of new threats to both existing and new technologies and continually monitoring the USDA information technology enterprise to ensure USDA Agencies and Offices computing environments remain secure. The OCIO provides leadership in the development, implementation, and management of security solutions into the everyday business of the Department to ensure the confidentiality, integrity, and availability of the United States Department of Agriculture (USDA) data and information systems.

OCIO’s security functions include, but are not limited to a) Security operations b) Incident management c) Vulnerability management d) Continuous monitoring e) Incident detection f) Threat hunting and analysis g) Security architecture and engineering h) Perimeter security i) j) Network access controls Intrusion prevention and detection k) Security logging l) Enterprise scanning m) Host security n) Directory services for Cloud o) Mainframe security

Duties/ Responsibilities

Dynamo Technologies, LLC is seeking a Logging / SIEM Program/Splunk Security Software Engineer to execute and support the implementation of a successful Cybersecurity program.

• The Splunk engineer will work with other Cybersecurity Engineering team members and will be required to interact with end users to gather requirements, perform troubleshooting, and provide assistance with the creation of Splunk search queries and dashboards.
• Onboarding new data sources into Splunk, analyzing the data for anomalies and trends, and building dashboards highlighting the key trends of the data
• The Splunk engineer will be required interact with senior management, as necessary.
• Provide guidance and support security activities while building relationships with key personnel
• Provide guidance, support, and mentoring to Splunk Engineers that have varying levels of expertise
• Document and inform management with information about security information and event management
• Remote management and troubleshooting of workstations and servers
• Provide expert research and analysis in support of expanding programs and area of responsibility
• Assess information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands
• Apply know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures
• Perform analysis of security features for system architectures
• Perform management and coordination tasks
• Provide agency with knowledge and guidance in following NIST, FISMA, Agency Information Security and Privacy, and Cloud Guidelines

Required Skills/Abilities

• 3 years of experience with enterprise class Splunk in a complex environment
• Strong knowledge of Splunk SPL language.
• Splunk Administrator certification, must be attained within 6 months of hiring
• In addition to Splunk, knowledge of other various SIEM tools and log management technologies Syslog, LogRhythm, and ELK as well as the implementation of such technologies
• Experience in working with both Linux and Windows operating systems
• Experience demonstrating strong analytical, troubleshooting, and problem-solving skills for security information and event management
• Excellent communication skills, both written and oral
• Knowledge of NIST, FISMA, and Cloud Environments
• Ability to obtain a Public Trust government security clearance
• U.S Citizenship required

Nice to Have Skills

• Knowledge of Information Security and Privacy guidelines
• Understanding of Various Cloud Environments
• Cybersecurity related certifications such as Security+ preferred, but not required
• Four years of federal security support experience preferred, but not required
• Exposure to working with a Security Operations Center a plus.

Education and Experience:

• 4-year college degree in Computer Science or related field or 5 years’ experience in lieu of a college degree

Travel Requirement:

• Remote work available

Clearance Requirement:

• Public Trust

Salary Range:

100k-110k

Dynamo is a full lifecycle digital transformation company providing best-in-class technology and mission support services to our clients. An SBA 8(a) Program participant, Dynamo maintains SBA 8(a) Mentor-Protégé Program Joint Ventures, providing us significant scale and further deepening our capabilities. Dynamo’s mission is to lead the digital transformation industry and provide best-in-class solutions for our clients with a truly human touch. ​

We leverage industry leading practices to empower our clients, ultimately providing them with the necessary tools, knowledge, and information required to successfully achieve their strategic goals, while optimizing their operations. ​

Through our partnerships, boldness, and authenticity, Dynamo goes against the grain of a traditional government contracting company by providing top-caliber team members, delivering quality results, and always exceeding expectations.

Dynamo Technologies is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.