GuidePoint Security - Springfield, VA
posted 2 months ago
Full-time - Mid Level
Remote - Springfield, VA
501-1,000 employees
Publishing Industries
About the position
The Cybersecurity Operations Specialist at GuidePoint Security is responsible for providing cybersecurity data analysis services, focusing on the design, development, and maintenance of Security Information Events Management (SIEM) systems. This role requires an active Top Secret/SCI clearance and involves working onsite to ensure the reliability and security of cybersecurity services for various clients, including government agencies and Fortune 500 companies.
Responsibilities
- Provide preventative and corrective maintenance to ensure consistent, reliable, and secure service availability.
- Maintain system availability and reliability with required SLA.
- Detect and ticket degradations of all SIEM data flows within required SLA.
- Perform day-to-day maintenance and scheduled maintenance activities according to agency approved change management processes.
- Execute emergency maintenance actions to prevent unacceptable outage durations.
- Perform development, engineering, testing, integration, and implementation actions for major vendor revisions.
- Conduct continuous engineering assessments to improve service performance and effectiveness.
- Configure assets in accordance with Federal, DoD, IC, and NGA laws and policies.
- Ensure proper integration and interoperability between all applicable assets in the Government Furnished Information - Software Tools list.
- Utilize agency approved ticketing systems to document and coordinate all actions.
Requirements
- Midlevel to advanced Linux administration experience (RHEL preferred).
- Experience with SIEM tools such as ArcSight, ElasticSearch, or Splunk.
- Ability to create alerting rules and manipulate SIEM filters.
- Skilled in troubleshooting event flow through an Enterprise Audit infrastructure.
- Active TS/SCI Clearance.
- DoD 8570.01-M IAT Level II and CSSP Infrastructure Support certifications.
- Experience with SIEM and Development Projects.
Nice-to-haves
- Experience with Kibana and Cribl.
- Experience developing and maintaining enterprise audit projects.
- Creation of ArcSight rules based on use cases of malicious events.
- Experience with content development within ArcSight and Kibana.
Benefits
- 100% employer-paid medical premiums (employee only $0 deductible and HSA plans) with 75% employer-paid family contributions.
- 100% employer-paid dental premiums (employee only) with 75% employer-paid family contributions.
- 12 corporate holidays and a Flexible Time Off (FTO) program.
- Healthy mobile phone and home internet allowance.
- Eligibility for retirement plan after 2 months at open enrollment.
- Pet Benefit Option.
