Overview
GBSI is seeking an Information Technology (IT) professional for the role of Splunk Engineer SME in Landover, MD to provide support to the daily management, maintenance, and operational health of the Splunk environment. The Splunk Engineer SME will ensure the platform runs smoothly, securely, and efficiently while supporting users across the organization.
Responsibilities
- Implements, tests, and operates advanced software security techniques in compliance with technical reference architecture;
- Performs on-going security testing and code review to improve software security;
- Troubleshoots and debugs issues that arise;
- Provides engineering designs for new software solutions to help mitigate security vulnerabilities;
- Contributes to all levels of the architecture and maintains technical documentation;
- Consults team members on secure coding practices and develops a familiarity with new tools and best practices;
- Designs, implements, and maintains SIEM and SOAR solutions;
- Designs and implements threat detection, automates incident response processes, and integrates various security tools with SIEM and SOAR platforms via APIs;
- Maintains SIEM applications to collect and aggregate IDS and IPS data from network sensors, raw data from collection agents, firewalls, proxy servers, DLP, antivirus, vulnerability scanner elements, and other security-relevant devices;
- Utilizes expertise in Splunk "Search" language, Splunk Dashboards, Reports, Lookup Tables, and Summary Indexes. Builds Splunk dashboards that take inputs from various data sources such as application logs / operating system logs / middleware logs / network feeds etc. and identify / highlight anomalous activities on the dashboards by their severity levels;
- Performs troubleshooting and provides assistance with the creation of Splunk search queries and dashboards.
Qualifications
- LEVEL III: Bachelor's degree in a related field with five (5) to eight (8) years of experience is required; OR a Master's degree in a related field with three (3) to five (5) years of experience; OR a PhD with zero (0) to two (2) years of experience;
- Information Assurance Certifications consistent with DoD 8570.1-M IAT Level III (i.e., CISSP, GCIH, or GCIA) certification is required at start;
- Active DoD-issued Top Secret clearance with SCI eligibility is required at start;
- Splunk Certified Administrator certification is strongly desired;
- Proven experience as a Splunk Administrator or similarly named Splunk focused role is required;
- Strong understanding of Splunk architecture, components, and deployment options is required;
- Proficiency in Splunk Search Processing Language (SPL) for creating complex search queries and reports is required;
- Experience with Splunk data ingestion methods, including forwarders, HTTP Event Collector (HEC), and scripted inputs, is required;
- Familiarity with Splunk Enterprise Security (ES), Qumolos, and Splunk SOAR is a plus;
- Solid understanding of IT infrastructure, including networking, operating systems, and security principles is required;
- Excellent problem-solving skills and attention to detail, as well as strong communication and collaboration abilities are vital in this role.
About GBSI
Established in 1995, Global Business Solutions, Inc. offers customers a distinctive blend of information technology capabilities, education and training services, and information assurance solutions. Managed by a team of executive leaders experienced in the field of information technology and training services within the industry and government, GBSI prides itself on exceeding expectations. Our award-winning solutions give clients the support tools needed to successfully deliver in evolving environments with confidence.
GBSI is an affirmative action/equal opportunity employer. All qualified applicants will receive consideration for employment without regard for race, religion, color, national origin, sex, age, status as a protected veteran, among other things, or status as a qualified individual with a disability.
This Contractor and subcontractor shall abide by the requirements of 41 CFR-60-300.5(a). This regulation prohibits discrimination against qualified protected veterans, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified protected veterans.
Pay Transparency Nondiscrimination Provision:
GBSI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with GBSI’s legal duty to furnish information.
Drug Free Workplace:
We maintain a drug-free workplace and perform pre-employment substance abuse testing.