Perform risk assessments and Security Test & Evaluations (ST&E) of Splunk components and equipment under the IAVM and vulnerability management program. Assist with the Assessment and Authorization (A&A) of the Splunk environment. Implement and manage Splunk add-ons to enhance capabilities, such as machine learning and advanced threat detection. Develop documentation supporting management procedures and implementation guides for Splunk-based solutions. Leverage automation techniques and develop scripts to manipulate data repositories to support data and threat analysis. Analyze and make recommendations for Risk Management Framework (RMF) compliance requirements. Assist with architecting log management and data ingest solutions to ensure they are scalable and efficient. Coordinate with the APL security operations teams and customers to build threat detection logic and dynamic operational dashboards. Participate in developing security-focused content for our Splunk implementations across five classified Department of Defense (DoD) networks.

You will coordinate operational responsibilities to include security and performance. The environments consist of forwarders, indexers, search heads, centralized log servers, and varying data ingests. The Splunk Administrator will be a valued member of a team responsible for the overall engineering, operations, and maintenance of a Splunk environment spanning five classified security enclaves. We provide technical expertise to meet compliance and security objectives in environments that require Audit & Logging Operations, Incident Identification, and Incident Response Coordination. We are seeking a Splunk Administrator for APL's Classified IT Services team.