Cyber Security Engineer (Splunk UBA)

Alexandria, VA, USA Req #140

Friday, December 6, 2024

ASRC Federal, NetCentric Technology is seeking a Splunk User Behavior Analytics (UBA) Cybersecurity Engineer II. This individual will be responsible for designing, implementing, and optimizing Splunk User Behavior Analytics (UBA) solutions within the DMDC’s cybersecurity operations. This role plays a crucial part in threat detection, incident response, and the overall security posture by leveraging automation and machine learning to detect, investigate, and mitigate potential cyber threats.

Key Responsibilities:

Develop and maintain Splunk dashboards, alerts, and reports for real-time monitoring and threat analysis.

Design and deploy Splunk UBA solutions to enhance cybersecurity capabilities.

Integrate UBA with various security tools to automate repetitive tasks, such as incident triage and response.

Utilize machine learning models to identify anomalous behavior patterns and potential insider threats.

Collaborate with SOC teams to respond to security incidents, leveraging SOAR for faster and more effective remediation.

Create and optimize playbooks to automate response workflows and reduce incident response times.

Ensure the Splunk UBA system is running efficiently, identifying and troubleshooting any performance issues.

Document processes and workflows for SOAR automation, ensuring scalability and flexibility in the cybersecurity framework.

Conduct regular security assessments to ensure Splunk UBA configurations align with industry standards and DMDC security policies.

Ensure SIEM technologies are integrated and utilized to protect cyber-related assets.

Define how logs should be parsed.

Write new correlation searches and Splunk queries.

Onboard new data sources into the SIEM.

Integrate security and system-relevant data according to requirements.

Install, operate, and manage the SIEM platform in terms of content and usability.

Required Qualifications:

Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field. Equivalent work experience may be considered.

Demonstrate and maintain knowledge to meet DOD 8140 requirements through education, training, or personnel certification, such as but not limited to an active DoD 8570 IA baseline security certification.

5+ years of experience in cybersecurity operations, with specific expertise in Splunk and UBA technologies.

Strong knowledge of SIEM (Security Information and Event Management) systems and the role they play in threat detection and response.

Expertise in scripting languages such as Python, PowerShell, or Bash to automate security tasks.

Experience with security frameworks such as NIST, MITRE ATT&CK, or ISO 27001.

Knowledge of network security protocols, firewalls, IDS/IPS, and endpoint protection solutions.

Strong understanding of cyber threat intelligence and how it can be applied to detect and mitigate cyber risks.

Active secret clearance is required.

Preferred Qualifications:

Splunk certifications (Splunk Enterprise Certified Admin, Architect, or Consultant).

Experience with cloud security, particularly within OCI environments.

Advantages of Working at ASRC Federal:

Learning and Development: After 90 days of employment, regular full-time employees are eligible for our professional development program. This includes annual funding for:

Pursuing Associate’s, Bachelor’s, or Graduate Degrees.

Obtaining industry-standard professional certifications.

Participating in professional certificate programs.

Covering registration fees for professional conferences.

Employee Resource Groups (ERGs): Engage with colleagues through our ERGs, which foster networking and collaboration among individuals with shared interests, backgrounds, and experiences. Our ERGs include:

Women’s Impact Network (WIN).

Multicultural ERG.

Military Community (MILCOM).

Pride ERG for LGBTQ+ employees and allies.

Purpose-Driven Careers: Join a company recognized as a:

Certified Great Place to Work.

Military Times’ Best for Vets Employer.

Military.com’s Top 25 Veteran Employer.

Comprehensive Benefits:

Insurance Coverage: Comprehensive plans for medical, dental, vision, life insurance, and short-term/long-term disability.

Paid Leave: Inclusive policies for bereavement, military obligations, and parental needs, along with 11 paid holidays annually.

Retirement Savings: A 401(k) plan with a generous company match and immediate vesting to help secure your financial future.

Incentives: Employee referral bonuses to reward you for helping grow the ASRC Federal Family.

Embark on a career with ASRC Federal, where your growth, purpose, and well-being are at the forefront of what we do.

We invest in the lives of our employees, both in and out of the workplace, by providing competitive pay and benefits packages. Benefits offered may include health care, dental, vision, life insurance; 401(k); education assistance; paid time off including PTO, holidays, and any other paid leave required by law.

EEO Statement

ASRC Federal and its Subsidiaries are Equal Opportunity/Affirmative Action employers. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law.

Other details

Job Family: Information Technology

Job Sub-Family: Cyber Security

Pay Type: Salary

Required Education: Bachelor’s Degree