Cyber Security Engineer (Splunk UBA)

ASRC Federal, NetCentric Technology is seeking a  Splunk User Behavior Analytics (UBA) Cybersecurity Engineer II this individual will be responsible for designing, implementing, and optimizing Splunk User Behavior Analytics (UBA) solutions within the DMDC’s cybersecurity operations. This role plays a crucial part in threat detection, incident response, and the overall security posture by leveraging automation and machine learning to detect, investigate, and mitigate potential cyber threats.

Key Responsibilities:

• Develop and maintain Splunk dashboards, alerts, and reports for real-time monitoring and threat analysis.
• Design and deploy Splunk UBA solutions to enhance cybersecurity capabilities.
• Integrate UBA with various security tools to automate repetitive tasks, such as incident triage and response.
• Utilize machine learning models to identify anomalous behavior patterns and potential insider threats.
• Collaborate with SOC teams to respond to security incidents, leveraging SOAR for faster and more effective remediation.
• Create and optimize playbooks to automate response workflows and reduce incident response times.
• Ensure the Splunk UBA system is running efficiently, identifying and troubleshooting any performance issues.
• Document processes and workflows for SOAR automation, ensuring scalability and flexibility in the cybersecurity framework.
  Conduct regular security assessments to ensure Splunk UBA configurations align with industry standards and DMDC security policies.
• Ensure SIEM technologies are integrated & utilized to protect cyber related assets
• Defining how logs should be parsed
• Writing new correlation searches and Splunk queries
• Onboarding of new data sources into the SIEM
• Integration of security and system relevant data according to requirements
• Install, Operation, and Management of the SIEM platform in terms of content and usability.

Required Qualifications:

• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field. Equivalent work experience may be considered.
• Demonstrate and maintain knowledge to meet DOD 8140 requirements through education, training, or personnel certification such as but not limited to an active DoD 8570 IA baseline security certification
• 5+ years of experience in cybersecurity operations, with specific expertise in Splunk and UBA technologies.
• Strong knowledge of SIEM (Security Information and Event Management) systems and the role they play in threat detection and response.
• Expertise in scripting languages such as Python, PowerShell, or Bash to automate security tasks.
• Experience with security frameworks such as NIST, MITRE ATT&CK, or ISO 27001.
• Knowledge of network security protocols, firewalls, IDS/IPS, and endpoint protection solutions.
• Strong understanding of cyber threat intelligence and how it can be applied to detect and mitigate cyber risks.
• Active secret clearance is required

Preferred Qualifications:

• Splunk certifications (Splunk Enterprise Certified Admin, Architect, or Consultant).
• Experience with cloud security, particularly within OCI environments.

Advantages of Working at ASRC Federal:

• Learning and Development:
  After 90 days of employment, regular full-time employees are eligible for our professional development program. This includes annual funding for:

  • Pursuing Associate’s, Bachelor’s, or Graduate Degrees.
  • Obtaining industry-standard professional certifications.
  • Participating in professional certificate programs.
  • Covering registration fees for professional conferences.

• Employee Resource Groups (ERGs):
  Engage with colleagues through our ERGs, which foster networking and collaboration among individuals with shared interests, backgrounds, and experiences. Our ERGs include:

  • Women’s Impact Network (WIN).
  • Multicultural ERG.
  • Military Community (MILCOM).
  • Pride ERG for LGBTQ+ employees and allies.

• Purpose-Driven Careers:
  Join a company recognized as a:

  • Certified Great Place to Work.
  • Military Times’ Best for Vets Employer.
  • Military.com’s Top 25 Veteran Employer.

Comprehensive Benefits:

• Insurance Coverage: Comprehensive plans for medical, dental, vision, life insurance, and short-term/long-term disability.
• Paid Leave: Inclusive policies for bereavement, military obligations, and parental needs, along with 11 paid holidays annually.
• Retirement Savings: A 401(k) plan with a generous company match and immediate vesting to help secure your financial future.
• Incentives: Employee referral bonuses to reward you for helping grow the ASRC Federal Family

Embark on a career with ASRC Federal, where your growth, purpose, and well-being are at the forefront of what we do.