Senior Splunk Engineer (Warrenton, Virginia) jobs in United States

Amentum · 2 hours ago

Senior Splunk Engineer (Warrenton, Virginia)

Amentum is seeking a Senior Information System Security Engineer (ISSE) to join their team in Warrenton, VA, focusing on Cyber, Security, & Intel. The role involves supporting mission-critical projects and maintaining cybersecurity tools while ensuring compliance with security requirements.

Mechanical Engineering · Security · Technical Support
No H1B · Security Clearance Required · U.S. Citizen Only

Responsibilities

Experience creating custom dashboards, writing queries, building and generating reports, and setting up alerts and notifications using all the Cyber tools (Splunk, Tenable, Trellix)
Demonstrated proficiency with recognizing and onboarding new data sources into the cyber tools and analyzing the data for anomalies and trends
Primarily responsible for maintaining the test and operational environments to include all cybersecurity tool sets and collaborating with systems and network engineers
Use knowledge, skills, and ability to conduct research for designing, integrating, and implementing security controls into current and future products/systems thus ensuring these systems can be accredited based on compliance with the Joint Special Access Program Implementation Guide (JSIG)
Recommend the components to implement system security requirements using intimate knowledge of security design best practices for information systems throughout the system development life cycle to support the generation of the security engineering products
Assist with the design, deployment, and administration of a multi-site, distributed Splunk environment, including Multi-site Clustering, Search Head Clustering, Universal Forwarders, Deployer, and Deployment Server
Configure, operate, and maintain Trellix and its components (ePolicy Orchestrator, Trellix Agent, Data Loss Prevention, Host Intrusion Prevention System, Policy Auditor, Asset Baseline Monitor, and Virus Scan Enterprise) on Windows and Linux, creating exceptions to allow essential processes to continue uninterrupted
Administration/operation of information security compliance tools/platforms with a special concentration in managing Tenable Security Center and NESSUS
Provide Tier 1, 2, and 3 maintenance support for deployed cyber security technologies
Assist with periodic and regular security assessments
Assist with the development and maintenance of information security policies, standards, and control procedures to enable compliance with RMF
Assist with POA&M management, mitigation statement formulation, and interfacing with system administrators to resolve open findings of high and at-risk systems
Perform security assessments on hardware/software products to include physical, virtual, boundary, and security appliances
Implement continuous monitoring tools and processes, develop improvements to security assessments regarding accuracy and efficiency, and integrate new techniques to improve the confidentiality, integrity, and availability of network/operational systems at multiple classification levels

Qualification

Splunk, NESSUS, Trellix, Cybersecurity compliance, Security assessments, Red Hat/Linux, VMware, Communication skills, Critical thinking, Organizational skills, Problem-solving skills

Required

Must have active Top-Secret clearance with SCI or TS with the ability to acquire SCI
Experience in a Splunk role while working in a Splunk Clustered Environment
Knowledge and experience with NESSUS/ACAS and Trellix administration
Must be able to work a 40-hour work week, normally Monday through Friday
Ability to work overtime during critical peaks and be available to meet last-minute requests for overtime if needed
Ability to travel (5-10%) primarily within 75 miles
Familiarity with MS Office applications such as Excel, Word, Outlook, SharePoint, Project, and Visio
Exceptional attention to detail; excellent verbal and written communication skills; strong critical thinking, organizational, time-management, and problem-solving skills
Ability to work both independently and as part of a team in a dynamic environment
Bachelor's Degree in a related field (Cyber and/or Engineering)
10 years of relevant experience
Must possess, or be able to obtain, one of the following 8140 IAT Level II or III baseline certifications before the start date: Level II certs include CCNA Security, GICSP, GSEC, Security+ CE, SSCP; Level III certs include CASP CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH
Splunk: 10 years (Required)
Splunk Clustered environment: 10 years (Required)
NESSUS/ACAS/Trellix administration: 10 years (Required)
TS with SCI eligibility or TS/SCI clearance (Required)
IAM Level II Certification (Required)
Location: Warrenton, VA 20186 (Required)
Work Location: In person

Preferred

Ability to work within VMware, vCenter, and Nutanix building Red Hat systems
Configure, operate, and maintain ForeScout, Tripwire and Ivanti tool suites
Possess understanding of and experience with common cybersecurity toolsets and processes to include STIGs, IAVA Management and Implementation, and OPORD/FRAGO support
Demonstrated experience in analysis simulation environment, configuration/troubleshooting software/hardware enhancements, application deployments, and infrastructure upgrades in a dynamic information system hosting environment
Proficiency with Red Hat/Linux
Managing Red Hat Satellite/Ansible
At least one of the following certifications is preferred: Splunk Core Certified Advanced Power User, Splunk Enterprise Certified Administrator, Splunk Enterprise Certified Architect, Splunk Core Certified Consultant

Benefits

401(k)
401(k) matching
Dental insurance
Employee assistance program
Flexible spending account
Health insurance
Health savings account
Life insurance
Paid time off
Professional development assistance
Referral program
Retirement plan
Tuition reimbursement
Vision insurance

Company

Amentum is a technology and engineering company for security, defense, and energy.

Funding

Current Stage: Public Company
Total Funding: $321.16M
2025-03-12 · Post-IPO Secondary · $321.16M
2024-09-27 · IPO
2020-01-01 · Private Equity

Leadership Team

Ajay Nagar, Vice President
Darren Burton, Chief People Officer
Company data provided by crunchbase