Splunk / Python Integration Engineer
999 REMOTE
What You’ll Get to Do
CACI is seeking a Splunk/Python Integration Engineer to support cybersecurity data collection, analysis, and mitigation. The work will include support for cybersecurity-related projects that encompass automated event identification and incident response, cybersecurity implementation into a Splunk data-lake, analysis of data derived from cybersecurity tools, use of the results of that analysis to develop enhanced and automated queries, and preparation of presentation materials for Government managers. The engineer will also work with the Integration Layer Architecture to develop an approach for expanding the scope of the existing data integration layer to accommodate data from an expanded set of data sources and data fields, as part of a future solution deployment.
This position will support the Continuous Diagnostics and Mitigation (CDM) Program’s mission to safeguard and secure cyberspace in an environment where the threat of cyber-attack is continuously growing and evolving, and is responsible for enhancing the security, resilience, and reliability of the Nation’s cyber and communications infrastructure. The CDM Program defends the United States (U.S.) Federal Information Technology (IT) networks from cybersecurity threats by providing continuous monitoring sensors (tools), diagnosis, mitigation tools, and associated services to strengthen the security posture of Government networks. This is a remote position where the candidate can work from any location within the United States, provided they are able to work on an Eastern Time Zone schedule.
More About the Role
- Engineer, implement and monitor Splunk security measures for the protection of computer systems, networks, and information
- Identify and define system data collection requirements
- Design computer security architecture and develop detailed cyber security designs using Splunk or other similar tools with breakthrough technology solutions
- Create Python scripts to query data sets and integrate the data into dashboard solutions
- Deploy Splunk into virtual and cloud environments (AWS and Azure)
- Prepare and document standard operating procedures and protocols for all designed and developed solutions that ensure detailed project documentation
- Develop technical solutions and investigate new security tools to help mitigate security vulnerabilities and automate repeatable reports using Splunk data-lake or other similar tools
- Develop query mechanisms using Splunk within hours of receiving a data request
You’ll Bring These Qualifications
- Must be a US citizen and pass a background investigation. …
Benefits/Perks: Best Place to Work, Character-based culture, Competitive benefits, Competitive compensation, Flexibility, Learning and development opportunities, Mission-oriented
Skills: ABAC, Agile, Ansible, AWS, Azure, CISCO, Cloud, Cloud environments, Confluence, Cybersecurity, Data analysis, Data Integration, Development Methodologies, DevOps, Documentation, Firewalls, Git, GitLab, Information Technology, Intrusion detection systems, Investigation, Jira, Juniper, Linux, Machine Learning, Monitoring, Monitoring tools, Network Design, Network security, Python, RBAC, REST, REST API, RHEL, Role-based Access Control, Security, ServiceNow, Software Development, Splunk, VMWare, Windows, Windows Server
Tasks: Problem solving
Computer Science, Information Technology, Related Field
Restrictions: Able to work on an eastern time zone schedule; Must be a U.S. Citizen