AbleVets

  • Technical Manager - Cyber Security Network Analytics and Technology Support

    Job Locations US-Martinsburg, WV
    Job ID 2018-1674
  • Overview

    AbleVets, LLC is a fast-growing Service Disabled Veteran Owned Small Business (SDVOSB) providing healthcare information technology services and resources to help the Veterans Affairs (VA) and Department of Defense (DoD) improve the lives of the people they serve. AbleVets has an opportunity for an experienced, motivated Technology Manager to support our VA customer.  The position is located on-site at the customer's facility in Martinsburg, WV. 

     

    The Technical Cyber Security Network Analytics Technology Manager will be responsible for a team of 12 SOC technology support engineers across 3 US locations who provide:

    • A CSOC enterprise SIEM/Splunk capability in the form of newly created, tested, and optimized (removing “false positives”) use cases for deployment on the VA Splunk platform
    • Threat analysis support for a number of VA security devices (e.g., Sourcefire, Palo Alto, IDS, etc.) and technology updates including recommendations to the VA IT organization for security policies and configurations

    This individual will report directly to the Cyber Technology Support Task Area lead.

    Essential Functions and Job Responsibilities

    The successful candidate must be well-versed in security operations, cyber security tools, intrusion detection, and secured networks. They will be responsible for all aspects of security device management, identifying and recommending optimizations to security configurations, and supporting security analytics through tailored detection, analysis, and response services to include the development of custom use cases.

     

    Duties and responsibilities may include, but are not limited to:

    • "Hands-on" leadership of a cross-functional Splunk Enterprise Solution working group consisting of platform providers; senior analytic team members; project managers; and "eyes on glass" staff that develop and use the SIEM capability. The mission of the working group is to advance the VA's leverage of the Splunk ES capability by creating and refining use cases; stabilizing and tuning the core platform; and making sure all stakeholders are well informed and engaged in bringing this capability to fruition
    • Providing technical leadership to the Cyber Hunt and Threat Analysis team as input to new use case requirements
    • Providing technical guidance and support to the Sensor Monitoring Team who use the Splunk use cases
    • Providing cyber technical support to the IT Operations Group in their deployment/use of various network security devices
    • Providing technical guidance and support to both a local team in Martinsburg WV and to remote workers in Washington DC and Hines IL (12 total)
    • Providing "hands-on" Splunk ES training to staff 
    • Briefing and providing professional demonstrations of incremental capability improvement to senior members of the Veterans Affairs (VA)
    • Configuring Splunk Enterprise Security (ES) environments, including all ES software used to conduct SIEM-related functions, to ensure that reporting and alerts are proactive and effective in bringing abnormal conditions to the attention of leadership
    • Tuning the Splunk ES environment, including all ES software used to conduct SIEM-related functions, to ensure that notable events and other intelligence-based analytics enhance the reporting and alerting capabilities of the ES environment
    • Working directly with third-party solution providers for required fixes and support
    • Providing technical support for new detection capabilities, recommendations to improve upon existing tools/capabilities to protect the VA network, and assessments for High Value Assets 
    • Demonstrating strength in identifying issues and determining when escalation is required

    Qualifications

    • Bachelor's degree or higher in Information Technology or other engineering or technical discipline and at least 6 years of IT experience, including a minimum of 4 years of advanced Cyber Threat Information experience. Four years of relevant experience may be substituted for the degree requirement with professional certification (e.g., CISSP, GREM or GCIH)
    • Certification (or ability to obtain certification within 120 days at the company's expense) in at least two of the following areas: at least one of 1) Splunk Certified Administrator or 2) Splunk Certified Architect, and at least one of 3) SourceFire Certified Professional (SnortCP), 4) CISSP, 5) Palo Alto Accredited Configuration Engineer (ACE). A candidate will be given 120 days to obtain the required certifications.
    • Experience with advanced cyber security tools, network topologies, intrusion detection, PKI, and secured networks 
    • In-depth understanding of NIST SP 800-61, US-CERT and Office of Management and Budget (OMB) standards
    • Experience interpreting and implementing cyber security regulations 
    • Excellent verbal communication skills 
    • Strong customer relationship skills
    • Outstanding written skills for preparing reports and briefings 
    • Excellent analytical and problem-solving skills
    • Must be able to obtain and maintain a U.S. Government security clearance (Public Trust) which will require successful completion of a background check and fingerprinting

    EEO Statement

    AbleVets LLC appreciates your interest in our company as a place of employment.  We are proud to be an equal opportunity/affirmative action employer and are committed to hiring and retaining a diverse workforce.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, genetic information, disability, veteran status, or any other protected class.  AbleVets is a VEVRAA Federal Contractor.
