Triumph Enterprises--Corporate Headquarters

  • Cyber Security Splunk Subject Matter Expert

    Job ID
    2019-2221
    Location
    US-MD-Bethesda
    Posted Date
    1 month ago (1/14/2020 7:40 PM)
    Category
    Information Technology
  • Job Description

    With employee ownership comes both responsibility and rewards.  Beyond your technical expertise (outlined below), you must be resourceful, detail-oriented, and 100% client focused, with a continuing passion for your profession. The rewards of joining Triumph Enterprises will include competitive compensation, exceptional benefits, matching 401K, and professional/training development allowances that exceed many companies of larger size and stature.  Built around four core values, our employees, managers and leadership team work collaboratively to grow and sustain a Triumph Culture where:  

    • “Client focus” has earned the trust and loyalty of our valued clients.
    • “Integrity” has earned us a reputation for doing the right thing in all situations.
    • “Imagination” and innovation have created new and exciting opportunities for both our company and our people.
    • “Employee Engagement” has resulted in benefits, promotions from within, a balanced work environment, professional development/training, social opportunities, and a culture of empowerment where our employees are valued as highly as our clients.

    Members of this team are highly motivated, self-driven, and are given great latitude to operate. Qualified candidates must have great initiative, a positive and healthy questioning attitude, and a drive to continuously help mature SOC Operations and Incident Response (IR).  This role affords the opportunity to work with a great team while serving a fulfilling mission. 

    Beyond the required technical expertise (outlined below), the applicant must be resourceful, detail-oriented, and 100% client focused, with a continuing passion for the profession. The rewards of joining Triumph Enterprises will include competitive compensation, exceptional benefits, matching 401K, and professional/training development allowances beyond larger competitors. 

    Responsibilities

    • Apply strategic, operational, and tactical cyber intelligence to improve security operations
    • Lead and/or support efforts to prepare for, monitor, detect, analyze/confirm, contain, remediate, and recover from security incidents
    • Conduct deep analysis and hunting operations
    • Configure incident response and remediation workflows for ES
    • Develop and Implement Actionable Alerts and Workflow for Splunk as a CISO Monitoring tool
    • Develop and Implement Apps & Knowledge Objects (KO) like Dashboards, Reports, Data Models
    • Provide Analyst training and workshops on using Splunk
    • Develop and implement automation and efficiencies with Splunk
    • Communicate with customer stakeholders to include leadership, support teams, and system administrators.
    • Technical writing and creation of formal documentation such as reports, training material, and architecture diagrams.
    • Develop and build excellent relationships with prospects, clients, and internal team members.
    • Lead client calls and communications including the development of presentations, status reports, and requirements documents.
    • Experience in a rapid paced, time sensitive, high quality environment.
    • Strong problem-solving capabilities and the ability to effectively communicate solutions.
    • Ability to take direction, achieve quality results, and independently strive for personal excellence when completing tasks.
    • Strong customer service focus to meet the needs of internal and external customers.
    • Professional, pleasant, and polished demeanor.
    • Ability to work collaboratively with others.
    • Ability to maintain confidentiality of sensitive information within and external to Triumph, using own judgment.
    • Strong eye for small details that make a difference.

    Qualifications / Requirements

    • BS/BA degree in information technology
    • Twelve or more years of work experience in information technology
    • Ten or more years of cyber security work experience in Threat Hunting, Splunk Content Development, and Incident Response.
    • One or more certifications in information security (such as GCIA, GCIH, CEH, CISSP, SSCP, Sec+, etc.)
    • Sound cyber security knowledge foundation, to include understanding of:
      • Adversary TTPs
      • Network & Host Security
      • Splunk
    • Trend spotting, identifying intelligence knowledge gaps, and performing analysis on threat data
    • High technical ability/aptitude, demonstrated through prior technical experience and accomplishment
    • Network investigation experience, to include netflow and packet/protocol capture and analysis
    • Endpoint/host forensics experience
    • SIEM experience
    • Excellent verbal, written, and interpersonal skills.
    • Exceptionally self-motivated, directed, and detail oriented.
    • Must be able to learn, understand and apply new technologies.
    • Excellent organizational, analytical and problem-solving abilities.
    • Working knowledge of Microsoft Office (Outlook, Word, Excel, PowerPoint, Project, and SharePoint).
    • Excellent command of English language in speaking and writing.
    • Experience in a rapid paced, time sensitive, high quality environment.
    • History of ethical performance.
    • Exhibit considerable client delivery, business development, and proposal development experience.
    • Strong management, teamwork, and interpersonal skills against difficult due dates and timelines.
    • Strong written and verbal skills to effectively communicate at all levels in government and industry.

    Preferred Qualifications

    • Active Secret clearance
    • Experience and effective participation in hunt, computer network defense, real-time analysis and incident response activities, to include ability to reconstruct events from network, endpoint, and log data
    • Experience and understanding of host-based/endpoint protection systems
    • Programming/Scripting experience
    • Server administration experience

    Company Overview

     

    Triumph is an employee-owned information technology (IT) company specializing in Program Management, Administrative Services, and Network and IT Support Services. Incorporated in Virginia in 2005, Triumph has risen to meet the Federal Government’s growing need for mission-critical Cybersecurity, Business Intelligence, Analytics, Data Visualization, and Program Management expertise and has cultivated a track record of success. Our pursuit of excellence is driven by an emphasis on Client Focus, Integrity, Imagination, and Employee Engagement – the Core Values that motivate and inspire our leadership, business practices, and company culture.

     

    Triumph participates in e-Verify. We provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS) with information from each new employee’s I-9 Form to confirm work authorization. Triumph is an equal opportunity employer and gives consideration for employment to qualified applicants without regard to race, color, religion, sex, national origin, disability, protected veteran status or any other status defined by law. Go to www.triumph-enterprises.com to learn more about Triumph.
