Security Analyst (Splunk Enterprise Security Certified Administrator)

11 Nov 2024

Vacancy expired!

Note: Please reply ONLY if you:

1) have all the Required skill set and have worked as an "Information Security Analyst" in a large & Complex IT Environment. Prefer Public Sector Experience.

2) can meet the min required experience as defined under the MANDATORY Skill:

- Must have 5 to 7 years hands-on experience with Splunk
- Must have 5 to 7 years’ experience with Unix (RedHat), Windows, VMWare and other platforms
- 2 to 3 years’ working experience with vulnerability scanning tool (Rapid7 Nexpose preferred)
- Must have advanced understanding of database environments such as SQL, Oracle etc.

3) can provide at least 3 verifiable experience from completed and/or substantially completed jobs that closely match this request + fill out a skill Matrix + Resume Certification Form

4) can go through a background check including fingerprinting + agree to a Mandatory F-2-F interview at your own cost once you are 1 of the TOP candidates. Note that during the pandemic crisis, video interviews may replace in-person interviews.

5) have a Competitive Rate and can work on-site from day one

6) will be available in Nov/Dec 2021 timeframe as the Start date after a successful interview takes a minimum of 2-3 weeks.

s and those authorized to work in the US are encouraged to apply. We are unable to sponsor H1b candidates at this time.

NOTE: GIS will utilize the U.S. Department of Homeland Security's E-Verify system to verify the employment eligibility of all persons employed during the term of the Contract.

Note to Consulting Companies: ANY CONSULTANT’S RESUME YOU SEND ME “MUST” BE ON YOUR COMPANY’S PAYROLL, NO H1-VISA TRANSFER, NO PRO-MARKETING, NO SISTER COMPANY RESUMES. The resume should have the DIRECT contact info and email of the candidate otherwise the candidate will NOT be considered. ALL H1 candidates including those onwould need to provide I-797 + DL Copy (no exceptions).

Each staff member assigned to this project must have a background screening that is equivalent to a Level Two (2) screening standard.

This is a fixed fee/hourly based project which is inclusive of travel, lodging, per diem expenses and all other costs associated with the completion of the associated tasks.

Interviews: In the event an interview is requested, in-person interviews will be conducted at the Client location. DUE TO THE PANDEMIC, interviews may be conducted remotely via Microsoft Teams. A phone interview may also be requested as a first step.

Telecommuting: Telecommuting is not a long-term option for this position. AT THIS TIME, STAFF IS WORKING AN ALTERNATING SCHEDULE OF ONE WEEK ON-SITE, ONE WEEK OFF-SITE. HOWEVER, CONSULTANTS ARE EXPECTED TO REPORT TO WORK AT THE FACILITY AT THE DIRECTION OF THE MANAGER AS THE PANDEMIC RESTRICTIONS HAVE BEEN LIFTED IN THE STATE.

Description:

This position reports to the Security Risk Compliance Office Manager (SRCO), Information Technology office. This Security Analyst is a key member of the Security Risk Compliance Office team. Incumbent will have advanced knowledge of Splunk, Rapid7 Nexpose, Unix, Windows, VMWare, Databases, and Data Storage environments.

Requirements:

Education:

- Four (4) year degree or equivalent experience

Experience:

- Must have 5 to 7 years hands-on experience with Splunk
- Must have 5 to 7 years’ experience with Unix (RedHat), Windows, VMWare and other platforms
- 2 to 3 years’ working experience with vulnerability scanning tool (Rapid7 Nexpose preferred)
- Must have advanced understanding of database environments such as SQL, Oracle etc.

Certification:

- CISSP (Certified Information Systems Security Professional)
- Splunk Enterprise Certified Administrator (preferred)
- Splunk Enterprise Security Certified Administrator (preferred) (SIEM Administrator)

Responsibilities:

- Security Analyst will focus on advanced Splunk administration, configuration, and development efforts, with a goal towards enhancing and further refining Splunk infrastructure as it relates to application, machine logs, troubleshooting, reporting, customer queries, and building dashboards.
- Focus on continual evaluation and process improvement and maximizing Splunk capabilities to increase value to FTE’s Information Technology cross functional teams.
- Assist the SRCO team with investigations, triage forensic analysis, and evidence preservation.
- Perform threat intelligence and hunting by leveraging in place security tools.
- Standardize Splunk agent deployment, configuration, log aggregation, and maintenance across a variety of platforms to include UNIX, Windows, VMWare, SQL, Oracle, and Data Storage environments.
- Troubleshoot Splunk server and agent problems including on-point for escalation for Splunk operations support.
- Monitor the agents and server infrastructure for capacity planning and optimization.
- Design Splunk dashboards for monitoring PCI-DSS, Financial, including Perimeter Security environments and as required.
- Design and maintain support for SaaS environments to ensure appropriate logging and monitoring is maintained.
- Ensure that Splunk environment maintains a viable failover environment which is tested on a regular basis.
- Perform vulnerability scans for applications, databases, and server environments aligned with PCI-DSS standards and industry best practices.
- Work with respective FTE’s Information Technology cross functional teams to ensure identified vulnerabilities are remediated within timeframes outlined by PCI-DSS standards and industry best practices.
- Perform cross functional training for other SRCO team members in Splunk tool management and monitoring.
- Provide support to Firewall administrator, work with SRCO team, assist with forensic analysis, investigations.
- Ensure compliance with established standards, policies, and configuration guidelines established by SRCO and industry best practices.

Incumbent may be required to work before, during and/or beyond normal work hours or days in the event of an emergency. Emergency duty required of the incumbent includes working in special needs or Red Cross shelters, or performing other emergency duties including, but not limited to, responses to or threats involving any disaster or threat of disaster, man-made or natural.

"When replying please make sure to list your (All Inclusive) Compensation requirements"

Note: This is a Full time ON SITE Contract Position

Start date: Nov/Dec 2021

No phone calls please.

Local candidates Preferred

ONLY candidates with an exact match will be contacted

No relocation assistance provided.

Candidates should be authorized to work in the US.

  • ID: #22549818
  • State: Florida Bocaraton 33427 Bocaraton USA
  • City: Bocaraton
  • Salary: Depends on Experience
  • Job type: Contract
  • Showed: 2021-11-11
  • Deadline: 2022-01-09
  • Category: Et cetera