Cyber Data Integration Manager
valued provider of IT and cybersecurity services to the Federal government, supports the Defensive Cyber Operations – Internal Defensive Measures (DCO IDM) program for the Joint Service Provider (JSP), the main IT service provider for the Pentagon and its tenants. Our program helps ensure that the cybersecurity posture of DoD infrastructure and endpoints remains verifiably strong, and capable of detecting and repelling a wide range of threats.
Within this program, the Active Detection and Prevention (ADP) Team has responsibility for the suite of cyber tools which monitor, detect, and prevent malicious activity on JSP networks. The task of the ADP Cyber Data Integration Manager is to maintain the infrastructure components of these tools (e.g. servers, appliances) and coordinate their upgrade/migration as new technology is made available. Additionally, the Manager ensures that mission-critical data integration tools (ArcSight ESM, Splunk Enterprise, Elasticsearch) are reliably receiving ingest from all appropriate sources on these networks in a timely fashion, and are correlating the data for the benefit of ADP analysts. The Manager works closely with these analysts to ensure that the data being harvested meets all current operational requirements.
- Bachelor of Science degree in an IT-related field; additional years of experience may be considered in lieu of degree
- Active Top Secret clearance with SCI eligibility
- 8+ years of experience with IDS/IPS, with 4+ years in a DoD environment
- 4+ years of experience with Splunk
- DoD 8570 IAT Level II Certification – Cisco CCNA Security, CompTIA CySA+, GIAC GICSP, GIAC GSEC, CompTIA Security+ CE, (ISC)2 SSCP
- JSP Computing Environment Certification - ArcSight/Splunk, Linux OS Cert(s)
- DoD 8570 CSSP-A Certification – EC-Council CEH, CertNexus CFR, Cisco CCNA Cyber Ops, CompTIA CySA+, GIAC GCIA, GIAC GCIH, GIAC GICSP, Cisco SCYBER
- Excellent verbal and written communication skills
- Extensive experience with administering and maintaining an enterprise ArcSight ESM or Splunk implementation
- Advanced skills in network and endpoint security data analysis
- Knowledge of how to translate cyber intelligence requirements into tool-specific solutions, leveraging all capabilities within those tools
Job Status: Contract/Temporary