SSi has principals that are an integral part of the organizations characteristic and are fundamentally essential to the shaping of everyday activities that connect to our broader mission and vision. As an organization SSi is committed to:
Foster a culture of innovative and out of the box thinking:
We fundamentally understand that each employee has something unique to offer to the organization. We foster a culture that nourishes innovation by empowering staff, leverages their passions, and encompasses a circle of trust where it’s all about thinking of new ideas and getting good feedback.
Invest in our Resources
Employees are essential, their physical and mental well-being are pivotal to the growth of our organization. Our company culture, productivity, and overall employee happiness stem directly from how much training, responsibility, and empowerment they have within our organization. Our focus is on improving the growth of individual through education, allowing them to play central roles, so they can grow and add value to the company.
Provide solutions that are in the best interest of the customer and improve their strategic posture
We are in business to serve our customers and do what is in their best interest. Our philosophy is to offer services that are complete. We strive to provide services that do more than meets the eye, to achieve more than superficial results and to help the business improve in areas that they may not have considered.
Give thoughtful considerations to our actions and their affects
We give thoughtful consideration to each other’s differences and opinions. We must give our individual best to get the job done right. Everyone is accountable for their behaviors, exercising rational judgment, and giving thoughtful consideration to their professional activities and decisions.
Currently we have an immediate need to add an experienced professional to our staff:
• Conceptualize, Design, Build, and Maintain current and future ESOC supported tools and platforms.
• Manage multiple assignments, changing priorities, and work independently with little oversight.
• Provide direct support for onboarding data into Splunk via forwarder, scripted inputs, TCP/UDP and modular inputs from sources such as FireEye, BlueCoat proxies, Big IP, Cisco, Palo Alto, host syslogs, etc.
• Support all support, guidance and develop processes to evaluate and improve all operating systems, hardware support, software, firmware solutions and provide advisement concerning future purchase of the same.
• Create, manage, and support automation solutions for Splunk deployment and orchestration within a Cloud environment.
• Work closely with senior engineers, other team members and application owners to solve technical problems at the network, system and application levels.
• Conduct periodic architectural reviews of installed sensors to assess effectiveness and propose optimal installation alternatives as required.
• Conduct network security architecture reviews to determine the size, and placement of intrusion monitoring equipment during the customer onboarding process.
• Conduct periodic reviews of sensor metric reports to evaluate and prioritize sensors for review and assessment.
• Assists in interviews to identify and make recommendations for security tools, systems and capabilities to meet customer security requirements.
• Documentation and Reporting along with presentation, teamwork and DHS wide collaboration are among the expected duties and mission of the task order.
• At least three (3) years of experience with Splunk.
• Experience onboarding data into Splunk via forwarder, scripted inputs, TCP/UDP and modular inputs from a variety of sources.
• General networking and security troubleshooting (firewalls, routing, NAT, etc.)
• Splunk architecture/design, implementation, and troubleshooting experience
• Experience in managing, maintaining, and administering multi-site indexer cluster
• Scripting and development skills (BASH, python, or java) with strong knowledge of regular expressions
• Proficiency developing log ingestion and aggregation strategies per Splunk best practices
• Expertise developing security-focused content for Splunk, including creation of complex threat detection log and operational dashboards
• Perform integration activities to configure, connect, and pull data with 3rd party software APIs.
• Ability to autonomously prioritize and successfully deliver across a portfolio of projects
• Undertakes day-to-day operational and user support
• Department of Homeland Security ESOC employees are required to obtain an Entry on Duty (EOD) clearance to support this program.
• Splunk Enterprise Security experience
• Certified Splunk Architect
• Experience with GitLab or GitHub or other version control system
• Experience with Ansible tower and/or writing ansible playbooks
• Familiarity with multi-tenancy customer support and design
SSi is an equal opportunity employer regardless of race, color, religion, creed, sex, marital status, national origin, disability, age, veteran status, on-the-job injury, sexual orientation, political affiliation or belief. Employment decisions are made without consideration of these or any other factors that employers are prohibited by law from considering. Any discriminatory action can be a cause for disciplinary action. SSi also prohibits discrimination against individuals with disabilities and will reasonably accommodate applicants with a disability, upon request, and will also ensure reasonable accommodation for employees with a disability. VETS are encouraged to apply.