Job ID: VA-752757 (99791219)
Remote/Local Splunk Admin/Cybersecurity Engineer (12+) with PenTest, NIST, Vulnerability mitigation, UF, HA, firewalls/IDS/UPS/syslog device, Java/.net and scripting experience
Location: Richmond, VA (VDH)
Duration: 6 Months
Position: 1(2)
Skills:
Splunk Admin Required 3 Years
PenTest Required 4 Years
Risk Assessment Desired 3 Years
NIST 800-53 Desired 3 Years
Security Awareness Required 2 Years
Vulnerability Management Required 2 Years
Team Player Required 4 Years
Description:
Perform PenTest on all agency applications and Admin for Splunk.
Pentest
PerformPentest on VDH Application in a timely manner.
Testing:Performing remote or onsite tests on all VDH systems, networks, and applications to identify security weaknesses
Analyzing:Analyze the vulnerabilities and mitigation methods
Reporting:Provide reports which include findings, risks, and conclusions
Advising:Recommend security improvements and methods to mitigate security risks
Collaborating:Working with VDH IT to determine their testing requirements
Creating:Creating and implementing new penetration testing methods, scripts, and tool Splunk
Management of Data Collection Infrastructure
Deployment Server management to distribute Splunk Universal Forwarder (UF) instances
Syslog servers that collect data from infrastructure systems (firewalls, IDS, UPS or other syslog generating device)
Splunk heavy forwarders which can collect information from various databases or third-party systems
Splunk HTTP event collector to obtain data from custom applications (Java, .net, JavaScript, or other web apps), and
When used, Splunk Stream to capture wire data and output raw or statistical information about the data.
Re-architecture of Syslog aggregation for Splunk or extensive modification to Syslog configuration (configuring new storage, building for high availability, etc.)
Expanding log source collection of an existing source type
Custom script development (e.g., for data collection or integration to non-standard products)