CSSP Infrastructure Support
Apply NowCompany: Venatore LLC
Location: Coral Springs, FL 33065
Description:
Please see the following regarding input for the SIEM position:
Investigates, analyzes, and responds to cyber incidents within a network environment or enclave.
Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.
Collaborate with other team members within the JDOC to provide information to the Battle Captain.
Utilize a variety of security tools to obtain and analyze data.
Track and report on relevant data tasked by the Battle Captain or key leadership.
Develop techniques and procedures for conducting cybersecurity risk assessments and compliance audits, the evaluation and testing of hardware, firmware and software for possible impact on system security, and the investigation and resolution of security incidents such as intrusion, frauds, attacks or leaks.
Ability to create alerts based on ingestion of events into Splunk SIEM
Knowledge of RHEL OS in order to patch system(s) to retain low vulnerability score
Continue to enhance SIEM visibility by ensuring ingestion of all devices on USSOUTHCOM network(s)
WHAT YOU'LL NEED TO SUCCEED:
Education: Bachelor's degree
Required Experience: 5+ years of related experience on following technologies in addition to cybersecurity - HBSS/ESS, ACAS, SIEM (Splunk)
Required Certification(s): IAT Level II and CSSP
Security Clearance Level: SECRET (upgradable to TS/SCI)
Required Skills and Abilities: Communication, problem solving, etc.
Location: On Site (No Remote)
US Citizenship Required
Investigates, analyzes, and responds to cyber incidents within a network environment or enclave.
Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.
Collaborate with other team members within the JDOC to provide information to the Battle Captain.
Utilize a variety of security tools to obtain and analyze data.
Track and report on relevant data tasked by the Battle Captain or key leadership.
Develop techniques and procedures for conducting cybersecurity risk assessments and compliance audits, the evaluation and testing of hardware, firmware and software for possible impact on system security, and the investigation and resolution of security incidents such as intrusion, frauds, attacks or leaks.
Ability to create alerts based on ingestion of events into Splunk SIEM
Knowledge of RHEL OS in order to patch system(s) to retain low vulnerability score
Continue to enhance SIEM visibility by ensuring ingestion of all devices on USSOUTHCOM network(s)
WHAT YOU'LL NEED TO SUCCEED:
Education: Bachelor's degree
Required Experience: 5+ years of related experience on following technologies in addition to cybersecurity - HBSS/ESS, ACAS, SIEM (Splunk)
Required Certification(s): IAT Level II and CSSP
Security Clearance Level: SECRET (upgradable to TS/SCI)
Required Skills and Abilities: Communication, problem solving, etc.
Location: On Site (No Remote)
US Citizenship Required