ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking a customer-oriented Enterprise Architect to join our team in the Reston, VA area to provide unparalleled support in the federal market. This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market.

 

Roles and Responsibilities

• Lead the technical engagements to assess client business and technical objectives, determine deliverables, evaluate risk and execute projects effectively
• Lead the development of cyber security architecture and designs of enterprise IT COTS security solutions into geographically dispersed data centers
• Align standards, frameworks and security with overall business and technology strategy
• Conduct design and discovery workshops with multiple stakeholders
• Create solutions that balance business requirements with information and cyber security requirements
• Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
• Ensure that mapping of data elements provided by COTSproducts to the Logical Data Model
• Ensure that designs are effective in delivering cyber security data & information to multiple dashboard
• Ensure ShorePoint and DHS CDM policies and procedures are followed via audits and other inspection mechanisms.
• Lead and/or support the development of solution product costs for procurement
• Work internally to develop strategic plans for architecture, engineering, integration, and dashboard
• Provide reporting and feedback to senior management as required
• Document, manage, and report on project risks and opportunities
• Assist in rectifying issues and improving service in faltering/failing projects
• Identify and communicate current and emerging security threats
• Other duties as assigned

 

Required Skills

• Experience implementing multiple types of technical solutions using COTS security tools in complex and heterogeneous IT data centers that are geographically dispersed.
• Must be able to clearly articulate your experience in:

Architecting, designing, engineering, integrating, configuring, and deploying COTS solutions into data centers

• Understanding of Disaster Recovery and Business Continuity Planning and their impacts to technical designs
• Understanding of 2 or more of these IT/Security functions; asset management, vulnerability management, identity and access management, network protections, and data protection
• Leading enterprise IT solution activities from cradle to grave
• Understanding the data sets or information provided by COTS tools in support of the needs of the organization

• Experience collaborating with Agencies to mature operational processes, reduce redundancies, and develop innovative solutions
• Experience understanding organizational needs, proposing solutions, and managing project execution efforts designed to deliver overall program benefits for Government Agencies
• Experience collaborating with US Government Agencies, state or local governments, or commercial entities to develop IT service program maturity in accordance with Federal IT mandates and best practices
• Strong experience in ensuring customer satisfaction, problem resolution, and risk management on several medium to large projects
• Experience in conducting assessments of an Enterprise by reviewing technical documentations, conducting interviews and workshops to identify gaps and developing a tailored solution is highly desired
• Demonstrated experience in security solution design using existing and emerging technologies to achieve enterprise solutions

Desired Skills

• Microsoft Applications (Word, PowerPoint, Excel)
• JIRA experience
• Ability to present to senior leadership and the client

 

Education and Years of Experience Requirement

• Must have a BS (technical field) and 5 years of relevant experience

 

Certificaiton Requirement

• Must hold a security certification: CISSP, Azure Architect, AWS Architect, Google Cloud Architect, CCIE, CCSP, Security+, CCNA/CCNP Security, CISA, VCP, GSE, SCNA, GCIH, and/or GLSC highly desirable

Location

• Reston, VA, (REMOTE)

Security Clearance

• Must be clearable to DHS EOD

ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking a customer-oriented Cloud Architect to join our team in the Reston, VA area to provide unparalleled support in the federal market. This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market.

 

Roles and Responsibilities

• Provide subject matter expertise in the areas of cloud, network, and security architectures and technologies
• Provide technical oversight in the development of enterprise security architecture solutions
• Lead technical engagement to assess clients’ business and technical objectives, determine deliverables, evaluate risks, and recommend implementation approaches
• Lead the development of cyber security architecture and designs of enterprise IT COTS security solutions into geographically dispersed data centers
• Align standards, frameworks and security with overall business and technology strategy
• Create solutions that balance business requirements with information and cyber security requirements
• Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
• Ensure that mapping of data elements provided by COTS products to the Logical Data Model
• Ensure that designs are effective in delivering cyber security data and information to risk management dashboards
• Ensure ShorePoint and DHS CDM policies and procedures are followed via audits and other inspection mechanisms
• Lead and/or support the development of solution product costs for procurement
• Work internally to develop strategic plans for architecture, engineering, integration, and dashboard
• Report and provide feedback to senior management as required
• Document, manage, and report on project risks and opportunities
• Assist in rectifying issues and improving service in faltering/failing projects
• Identify and communicate current and emerging security threats
• Other duties as assigned

 

Required Skills

• Experience implementing technical solutions using COTS security tools in complex cloud-based, on-premises, and hybrid environments. Demonstrated experience:
• Architecting, designing, engineering, integrating, configuring, and deploying COTS solutions
• Understanding of 2 or more of these IT/Security functions; asset management, vulnerability management, identity and access management, network security, and data protection.
• Leading enterprise IT solution activities from conceptual design to deployment and sustainment
• Understanding the data sets or information provided by COTS tools in support of the needs of the organization
• Understanding of Cloud Access Security Brokers, Cloud Security Posture Management, and Cloud Asset Management technologies.
• Understanding of Zero Trust Architecture and solutions
• Experience with automation tools such as Ansible, Puppet, Chef and DevOps practices
• Experience with Infrastructure as Code (IaC) tools such as CloudFormation, TerraForm, Azure ARM templates
• Experience architecting or engineering in Federal Government networks
• Experience supporting an ISSO/ISSM in the development of Security Authorization requirements by providing technical expertise of system implementation. Includes providing technical evidence in support of A&A processes. Includes experience with NIST RMF
• Demonstrated experience in security solution design using existing as well as emerging technologies to deliver enterprise solutions
• Must be able to articulate emerging cybersecurity, Cloud, or other IT technology trends
• Strong understanding of industry best practices related to the implementation of cybersecurity tools, information security policy, NIST, and FISMA controls
• Experience collaborating with Federal clients to mature operational processes, reduce redundancies, and develop innovative solutions
• Experience understanding organizational needs, proposing solutions, and managing project execution efforts designed to deliver overall program benefits for Government Agencies
• Demonstrated experience in problem resolution and risk management, ensuring customer satisfaction in the delivery of medium to large projects
• Experience in conducting assessments of an Enterprise by reviewing technical documentation, conducting interviews and workshops to identify gaps and develop tailored solutions

Desired Skills

• Microsoft Applications (Word, PowerPoint, Excel)
• JIRA experience
• Ability to present to senior leadership and the client

 

Education and Years of Experience Requirement

• Must have a BS (technical field) and 3 years of relevant experience

 

Certification Requirement

• Must hold a security certification: CISSP, Azure Architect, AWS Architect, Google Cloud Architect, CCIE, CCSP, Security+, CCNA/CCNP Security, CISA, VCP, GSE, SCNA, GCIH, and/or GLSC highly desirable

Location

• Reston, VA, (REMOTE)

Security Clearance

• Must be clearable to DHS EOD

ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking a customer-oriented Splunk Engineer to join our team in the Reston, VA area to provide unparalleled support in the federal market. This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market.

 

This position requires thorough knowledge of Splunk architectures, design approaches, tools, and techniques employed to reduce the client’s cyber security risk posture. The successful candidate will bring a consultative approach to solving our clients’ cyber security problems, coupled with demonstrated experience implementing enterprise cybersecurity solutions utilizing cloud-based tools for Federal government clients.

 

Roles and Responsibilities

• Work to integrate sensor tools with Splunk via vendor-supported Add-Ons and Modules or custom API connections
• Work with design and operations teams to facilitate log ingestion and analysis
• Participate in requirements gathering, prototyping, architecture, and triaging of operational issues
• Maintains, upgrades, advises and cross-trains team members on the operation of the Splunk platform
• Worked in or developed Splunk database connections to a middleware application such as Logstash, Elasticsearch engines
• Provide Splunk product expertise, assisting and advising management on issues related to the platform
• Provides strategic support for Splunk installation, integration, deployment, configuration and maintenance
• Responsible for design and implementation of Splunk infrastructure, deployment, configuration and maintenance
• Monitor Splunk internal logs to identify and resolve potential vulnerability and performance issues
• Create customized dashboard panels for specific urgent requests from internal teams and external customers
• Design, engineer, configure and administer Splunk content
• Responsible for proper operation and performance of Splunk, loggers, connectors and forwarders
• Responsible for integration of logs and data feeds into Splunk through various methodologies, e.g. via syslog connectors, utilizing DBConnect to pull data from on-site databases
• Responsible for developing filters to assist in the identification of significant events
• Responsible for maintenance of related Standard Operating Procedures (SOPs) and design documents
• Responsible for writing and developing custom scripts, reports and programs as needed
• Identify and establish metrics between and among the Dashboard and integration layers of the CDM solution to support CDM goals and objectives, as well as DHS-mandated performance requirements.
• Accomplish extract, transform, and load operations to retrieve enrichment content from existing hardware, software, system boundary inventories.
• Develop and maintain detailed installation documentation and SOPs as required.
• Ability to troubleshoot broad-ranging issues (operating systems, network, firewall, COTS products, access and authentication.
• Provide tool operations and maintenance support, Tier 3 customer support, and act as the subject matter expert.
• Provide Tier 3 support to customers and act as the subject matter expert.
• Provide mentoring and support to other engineers.

 

Required Skills

• Strong analytical skills to enable effective troubleshooting
• Experience leading technical discussions with internal and external customers
• Experience with data ingestion and normalization within Splunk Enterprise
• Experience collaborating with Federal clients to mature operational processes, reduce redundancies, and develop innovative solutions
• Experience understanding organizational needs, proposing solutions, and managing project execution efforts designed to deliver overall program benefits for Government Agencies
• Demonstrated experience in problem resolution and risk management, ensuring customer satisfaction in the delivery of medium to large projects
• Experience in conducting assessments of an Enterprise by reviewing technical documentation, conducting interviews and workshops to identify gaps and develop tailored solutions

Desired Skills

• Microsoft Applications (Word, PowerPoint, Excel)
• JIRA experience
• Ability to present to senior leadership and the client

 

Education and Years of Experience Requirement

• 10 years of experience in Information Technology
• 3-5 years of hands-on experience with the design and implementation of Splunk Enterprise
• Bachelor’s degree in a technical field

 

Certificaiton Requirement

• Splunk Enterprise Certified Architect certification preferred
• Security+, CCNA/CCNP Security, CISA, or other is highly desirable

Location

• Reston, VA, (REMOTE)

Security Clearance

• Must be clearable to DHS EOD

ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking a Cybersecurity Engineer who have experience designing, deploying and operating security tools in the federal market. This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market.

 

Roles and Responsibilities

• Design, deploy, operate and maintain CDM tools and new capabilities in enterprise on premise and Cloud environments including: ForeScout, McAfee ePO (MVM and Application Control), IBM Big Fix, Service Now, RedHat FUSE, Splunk, Tenable Security Center, Vormetric, SailPoint, CyberArk, Venafi, Elastic, IBM MaaS360, AirWatch, Microsoft Intune, or equivalent security tools and products as required
• Develop installation, configuration, and deployment methods including scripting, use of APIs, orchestration, automation, and database services to support the integration and configuration of CDM applications and security technologies
• Work with architects, integration engineers, and developers to design solutions and improve data quality, security, and compliance or extend current capabilities and offerings to customers
• Work closely with management support teams and customer network and operations teams to establish and document requirements to complete implementation and configuration tasks
• Ability to perform extract, transform, and load (ETL) operations to retrieve and enrich data from existing hardware, software, vulnerability, configuration settings, privilege management, credential management, trust, and behave/training systems
• Assess system designs to validate them against expected technical parameters
• Create solutions to improve data quality, security, and compliance or extend current capabilities and offerings to customers
• Identify, analyze, define, and coordinate user, customer, and stakeholder needs and translates them into enterprise hardware and software requirements
• Identify and manage solution dependencies with other systems and elements of the enterprise IT infrastructure
• Identify technical risks and develop mitigation strategies
• Perform functional, requirements and product analysis, assist to establish interface definitions and translate customer needs into hardware and software requirements
• Perform data validation, analysis, warehousing, and data mining
• Accomplish extract, transform, and load operations to retrieve enrichment content from existing hardware, software, system boundary inventories
• Develop and maintain detailed installation documentation and SOPs as required
• Experience working with databases (Microsoft SQL Server), understanding of DB structures, data types, and creating complex SQL DB queries
• Ability to troubleshoot broad-ranging issues (operating systems, network, firewall, COTS products, access and authentication
• Provide tool operations and maintenance support, Tier 3 customer support, and act as the subject matter expert
• Provide Tier 3 support to customers and act as the subject matter expert
• Provide mentoring and support to other engineers

 

Desired Skills

• Experience with 3rd party tool integration using APIs and Database connections
• Ability to troubleshoot wide-ranging issues that cross team boundaries (OS, hardware, network, storage, firewall, COTS layers, customer access/authentication)
• In-depth experience with integrated security system architecture using general IT security concepts, network security and monitoring practices/methodologies
• Experience presenting material to senior management level and proficiency in the use of Microsoft Office applications
• Applicable Vendor Certified Administration certification is a plus
• Security+ and/or equivalent related IT Certification
• Effective communications skills, both oral and written
• Experience leading technical discussions with internal and external customers
• Experience in one or more scripting or programming language: Python, Java, UNIX shell, PowerShell
• Experience and use of the key technologies relevant to API and application configuration or integration including SSL, DHCP, Active Directory, LDAP, JDBC, ODBC
• Understanding and use of Microsoft SQL database, database definition, procedures, and advanced SQL
• Understanding of networking technologies including LAN/WAN, wireless, and VPN.
• Understanding of security design, network security architecture, network topology, and understanding of TCP/IP protocols; OSI model
• Experience with DHS Continuous Diagnostics and Mitigation (CDM) a plus
• Experience with AWS Cloud, Azure Cloud, or Cloud implementations and environments
• Extensive experience analyzing information technology and system risk in complex environments and articulating results (verbal/reports) to all levels of management
• Ability to research and address information security issues as required as an authority on the subject

Years of Experience Requirement

• 10 years of experience in Information Technology
• 3-5 years of hands-on experience with the design and implementation of cyber security tools

Location

• Reston, VA

Security Clearance

• Must be a U.S Citizen

ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking an experienced Elasticsearch (Elastic/ELK/ECE) Engineer to join our team in Reston, VA to provide unparalleled support to our customer through the Continuous Diagnostic & Mitigation (CDM) Program. This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market.

 

Roles and Responsibilities

• Be responsible for working with the Dashboard, Integration, and Architecture teams to design, document, build, secure, and maintain Elasticsearch, Logstash, Kibana (and X-Pack) Enterprise solutions deployed in the Cloud or on-premise Lab environment to support federal agency production deployments.
• Work closely with architects, engineers, and integrators to assess customer requirements and to design and support an Elasticsearch Stack solution to ensure compliance with dashboard data requirements.
• Follow life cycle processes to move solutions from Dev to Test to Production.
• Participate in group sessions as well as attend and share in agile sprint daily meetings in order to track progress to ensure development of solutions is in support of the CDM project and customer requirements.
• Serve as a trusted advisor, providing subject matter expertise, guidance, and best practice recommendations.
• Configure and maintain Linux based Operating system files in support of the Elasticsearch products (yum updates and product version upgrades)
• Install and configure an Elastic Cloud Enterprise solution in a lab and ensuring communication and integration among the Elasticsearch products and data sources
• Document the installation and configuration for deployment into production
• Secure the solution by being familiarity with TLS, certificates, SSO/PIV authentication, and encryption technologies
• Work with the data lifecycle management team
• Test data flows, troubleshooting issues, and monitoring the health of the solution and servers to maximize performance and minimize downtime
• Work with a team and provide analysis of alternatives and progress status in daily sprint meetings
• Meet professional obligations through efficient work habits such as, meeting deadlines, honoring schedules, coordinating resources and meetings in an effective and timely manner
• Develop and manage effective working relationships with other departments, groups, and personnel with whom work must be coordinated or interface
• Recommend enhancements and modifications to optimize business intelligence processes

 

Required Skills

• Software Development using Java with an IDE (e.g. Eclipse, CodeReady)
• Parsing File formats (e.g., JSON, XML, and CSV)
• SQL SERVER database design, programming, tuning, writing SQL queries/procedures
• Developing/automating test procedures
• Web services client development using REST API
• Release Management and build tools (e.g., Maven, Jenkins) and configuration tools (e.g., SVN)
• Secure coding practices including use of encryption (e.g., Certificates, TLS Connections)

Desired Skills

• Experience with SAML authentication, familiarity with domain structures, user authentication, and PKI
• Experience with Messaging Queues (e.g., RabbitMQ)
• Experience with Microsoft SQL
• Experience with programming and working with regular expressions (XML, Java, JSON, Python, PowerShell, painless, grok)
• Relevant security certifications a plus: CISSP, CISM, CISA, Security+, CEH
• Understanding of interrelationships between critical infrastructure protection and cybersecurity
• Knowledge and experience with Assessment & Authorization (A&A) processes in Federal environments, preferably with experience utilizing the NIST Risk Management Framework (RMF)

 

Education Requirement

• BS in Computer Science or related field Expereince required

Years of Experience Requirement

• 2+ years of experience

Location

• Reston, VA (REMOTE)

Security Clearance

• Must be a US citizen (non-dual citizenship)
• Able to obtain and maintain a DHS Suitability/Entry on Duty (EOD

ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking a motivated, career, and customer-oriented Build and Release Engineer to join our team in the Reston, VA area to provide unparalleled support to multiple federal agencies through the Continuous Diagnostics & Mitigation (CDM) Program. This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market.

 

The Build and Release Engineer responsibilities include perform as a technical liaison for Release and the Engineering workstream teams on every aspect associated with final builds and control release baseline issues. This position requires the candidate to support and enhance program lab environment to ensure integrated products have reliability, observability and maintainability required for customer deployment. The successful candidate will also bring a consultative approach identify and improve tools for continuous build, automated testing and release management.

 

Roles and Responsibilities

• Assist Release Manager executing release activities in accordance with established Release Management procedures and processes
• Define, implement, and enforce strong software build, deployment process for development, testing and production systems
• Configure repositories with application code and maintain code for multiple applications
• Perform GIT and Subversion administration and migration activities
• Create GIT and Subversion repositories with standard directory layout of trunk, branches, tags and also customized directory based on business/program need
• Work with developers, QA teams, and product managers to ensure releases are delivered with a repeatable and auditable process
• Make recommendations on specific aspects of build and deployment and continuously strive towards improvements in process and productivity through technology improvements
• Perform day-to-day release tasks needed to automate and deploy release through DEV and TEST environments
• Perform other duties as assigned

 

Required Skills

• Proficient in GitLab and Subversion code repository management
• Hands on experience on tools and technologies like Jenkins, GIT, Linux, Java, Docker, Jira, confluence, MySQL, sqlserver, etc.
• Experience on scripting languages including PowerShell and Python
• Knowledge of Scaled Agile Software Development experience
• Knowledge of IT systems management, Systems Engineering Life Cycles (SELC) and Software Development Life Cycle (SDLC)
• Experience with Microsoft Office (including MS Office suite, Visio, and Project)
• Must be a self-starter with the ability to build processes from ground level
• Ability to coordinate between cross-functional teams
• Ability to work in fast-paced environment with frequent software releases
• Must be able to effectively complete simultaneous tasks with independent deadlines and deliverables.
• Effective oral and written communication skills with customer, technical, and management personnel
• Must possess a self-starter mentality and an effective problem solver
• Detail oriented, well organized and customer focused
• Strong interpersonal and collaborations skills; be able to work in a team-oriented environment and also work independently
• Ability to adhere to defined processes & procedures, and suggest improvements

Desired Skills

• Experience with CI/CD pipeline implementation and management
• Experience with DevOps or any related training/certifications
• Familiarity with large organization agile practices such as with SAFe/Scaled Agile Frameworks

 

Education Requirement

• BS in Computer related or Engineering field or equivalent work expereince required

Years of Experience Requirement

• 4-6 years of experience

Location

• Reston, VA (REMOTE)

Security Clearance

• Must be a US citizen (non-dual citizenship)
• Able to obtain and maintain a DHS Suitability/Entry on Duty (EOD)

ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking a motivated, career, and customer-oriented Senior Data Analyst to join our team in the Reston, VA area to provide unparalleled support to multiple federal agencies through the Continuous Diagnostics & Mitigation (CDM) Program. This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market.

 

Roles and Responsibilities

• Provides oversight for data management activities
• Implements data management techniques and data collection systems
• Champion development and implementation of quality controls and standards to ensure adherence
• Develop strategies that optimize data quality, data security and process efficiency
• Works closely with other service area leads to ensure data management services remain capable of meeting ongoing and future requirements
• Analyzes process measurements associated with data management and recommends improvement activities based on service deviation
• Strategic input into solution design focused on data management considerations
• Ability to demonstrate strategic thinking with strong project management understanding
• Maintaining high-level oversight on data quality metrics and deliverables
• Evaluate project load to ensure proper staffing on overall project and provide resource allocation support
• Escalate issues to project leaders as per established project and corporate requirements
• Liaise with Delivery Mangers and Service Area Managers in support of agencies
• Provides leadership for the Data Management team through active mentoring, guiding, and coaching
• Collaboratively conducts performance and merit review activities team members
• Responsible for addressing employee relations issues and resolving problems
• Models and reinforces the corporate culture through vision, action, and learning
• Develops/oversees recruitment/retention strategy and related initiatives
• Approves timesheets, expense reports, leave request and other administrative duties related to team management

 

Required Skills

• Experience with coding languages, such as Java and Python
• Excellent understanding of database administration and management functions
• Prior experience in data conversion, data migration, requirements gathering, data mapping and data source gap analysis
• Proven experience developing end-to-end conversion test plans, executing test cases, documenting test results, tracking and resolving test defects
• Proven experience working in an Agile deployment model
• Detail oriented with excellent writing, verbal, and technical skills
• Expert level communicator to all levels of personnel

Desired Skills

• Understands, seeks, and implements solutions to removing friction from the overall development cycle using formal approaches and entrepreneurial analysis and creativity.
• Understands the developer persona and how to drive great developer experiences
• Stays abreast of new technologies that are driving business process simplification across the industry and is the leader in driving that change by partnering and piloting across various business areas in our program.

 

Education Requirement

• Bachelor’s degree in Business Administration, Computer Science, Data Science, Data Analytics or related field, or equivalent work experience

Years of Experience Requirement

• 7+ years of data management experience
• 3+ years of experience in Agile product management
• 3+ years with lead or supervisory experience within a data management environment

Location

• Reston, VA (REMOTE)

Security Clearance

• Must be a US citizen (non-dual citizenship)
• Able to obtain and maintain a DHS Suitability/Entry on Duty (EOD)

ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking a Threat Detection Engineer/Content Developer who has experience searching for threats, inspecting network traffic, investigating and analyzing logs along with developing custom Splunk content in the federal market. This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market.

 

Roles and Responsibilities

• Capture use cases from subscribers or other team members and develop correlation rules
• Utilize knowledge of latest threats and attack vectors to develop Splunk correlation rules for continuous monitoring
• Develop, manage, and maintain Splunk data models
• Review logs to determine if relevant data is present to accelerate against data models to work with existing use cases
• Develop custom regex to create custom knowledge objects
• Developing custom SPL using macros, lookups, etc., and network security signatures such as SNORT and YARA
• Develop custom dashboards and reports for customer stakeholders
• Train and mentor junior staff

 

Required Skills

• Extensive experience working with various security methodologies and processes
• Advanced knowledge of TCP/IP protocols, experience configuring and implementing various technical security solutions, extensive experience providing analysis and trending of security log data from a large number of heterogeneous security devices
• Expert knowledge in two or more of the following areas related to cybersecurity: Vulnerability Assessment, Intrusion Prevention and Detection, Access Control and Authorization, Policy Enforcement, Application Security, Protocol Analysis, Firewall Management, Incident Response, Web-filtering, Advanced Threat Protection
• Experience developing advanced correlation rules utilizing tstats and data models for cyber threat detection
• Experienced with creating and maintaining Splunk knowledge objects
• Experienced managing and maintaining Splunk data models
• Experience creating regex for pattern matching
• Experience implementing security methodologies and SOC processes

Desired Skills

• Experience with cloud (e.g. o365, Azure, AWS, etc) security monitoring and familiar with cloud threat landscape
• Completed Splunk Advance Searching and Reporting training
• Experience developing custom scripts using python
• Splunk certifications

 

Education Requirement

• Bachelor’s Degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field

 

Years of Experience Requirement

• 12 years of experience in incident detection and response, malware analysis, or cyber forensics

 

Location

• Arlington, VA

 

Security Clearance

• Ability to obtain an Entry on Duty (EOD) clearance to support this program

ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking a Splunk Engineer Subject Matter Expert who has experience installing and maintaining Splunk infrastructure in the federal market. This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market.

 

Roles and Responsibilities

• Conceptualize, design, build, and maintain current and future customer-supported tools and platforms
• Manage multiple assignments, changing priorities, and work independently with little oversight
• Lead team of Splunk engineers in the management of Splunk solution to optimize data availability for SOC and other stakeholders.
• Develop data storage, access, and retention strategies for a large IT enterprise using industry standards and best practices to advise Customer executive-level stakeholders
• Design, build, implement, and administer Splunk infrastructure in on-prem and cloud environments.
• Create, manage, and support automation solutions for Splunk deployment and orchestration in on-prem and cloud environments
• Work with existing and custom Splunk applications and add-ons to fulfill customer needs
• Provide overall engineering and design support for a distributed Splunk environment consisting of heavy forwarders, indexers, and search head servers, spanning security, performance, and operational roles
• Onboard data to Splunk via forwarder, scripted inputs, TCP/UDP, and modular inputs from various sources
• Normalize data to ensure CIM compliance, and develop data models to accelerate queries, dashboards, and correlation searches
• Work closely with all relevant stakeholders to solve technical problems at the network, system, and application levels
• Conduct periodic architectural reviews of Splunk and related systems to assess effectiveness and propose optimal installation alternatives as required
• Develop and manage comprehensive documentation, artifacts, procedures, and processes for the optimal management of the Splunk infrastructure

 

Required Skills

• Excellent written and oral skills, ability to work closely with multiple customers, manage expectations, and track engagement scope
• Experience implementing FISMA, NIST, NSA, and other information security, cybersecurity and CDM-related industry policies, procedures, guidelines, standards, and best practices
• Expert-level knowledge and ability with Splunk Enterprise Security or integration with other Security Information and Event Management (SIEM) platforms
• Extensive experience with advanced configuration of Splunk including Indexer Clustering and Search Head Clustering
• Proficient at data on-boarding activities including routing, parsing, and normalizing events to the Splunk Common Information Model (CIM)
• Proficiency onboarding data using Splunk-developed add-ons for Windows, Linux, and common third-party devices and applications
• Experience onboarding data into Splunk via forwarder, scripted inputs, TCP/UDP, and modular inputs from a variety of sources
• Proficiency managing Splunk using the Splunk command-line interface
• Proficiency managing Splunk using configuration files
• Experience collaborating with separate engineering teams to configure data sources for Splunk integration
• Intermediate understanding of SQL and common SQL dialects
• Proficiency implementing and onboarding data in Splunk DB Connect
• Experience with Splunk performing systems administration, including performing installation, configuration, monitoring system performance and availability, upgrades, and troubleshooting
• General networking and security troubleshooting (firewalls, routing, NAT, etc.)
• Splunk architecture/design, implementation, and troubleshooting experience
• Experience in managing, maintaining, and administering multi-site indexer cluster
• Proficiency developing log ingestion and aggregation strategies per Splunk best practices
• Perform integration activities to configure, connect, and pull data with 3rd party software APIs
• Experience implementing and optimizing Splunk data models
• Proficient in regular expressions
• Scripting and development skills (Bash, Python, or PowerShell)
• Ability to autonomously prioritize and successfully deliver across a portfolio of projects

Desired Skills

• Experience working among different Cloud Provider environments (Azure, AWS, GCP), particularly for a federal government customer
• Experience with GitLab or GitHub or other version-control system
• Experience with Ansible tower and/or writing Ansible playbooks
• Four (4) years of experience with distributed systems development using REST APIs
• Four (4) years of experience with database development using ODBC, JDBC, or other database APIs

 

Education Requirement

• Master’s degree in Computer Science, Engineering, or a related field and a minimum of fifteen (15) years of experience in system administration, database administration, network engineering, software engineering, or software development, with a concentration in Cybersecurity

 

 

Years of Experience Requirement

• Fifteen (15) years of experience with Linux and Windows system administration or an expert understanding of operating systems and common operating environments
• Ten (10) years of experience with Splunk in distributed deployments

 

Certification Requirement

At least one of the following certifications:

 

• CompTIA: CASP
• SANS:  GCIH, GCWN, GISF, GISP, GSSP, GICSP, GSSP
• Carnegie Mellon:  SEI
• ISC2:  CCSP, CISSP, CSSLP, SSCP
• Cisco:  CCNP, CCNP Security, CCIE Security
• EC_Council:  CEH, ECSP
• Microsoft:  MCSE (Server), Azure Administrator Associate, Cybersecurity Architect Expert, Azure Solutions Architect Expert
• Red Hat:  RHCA, RHCE
• VMware:  VCA, VCP, VCAP, VCIX, VCDX
• NetApps:  CIS, CIES, CDAP, CSA
• Splunk:  Enterprise Certified Architect

 

Location

• Arlington, VA

 

Security Clearance

• Ability to obtain an Entry on Duty (EOD) clearance to support this program

ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking Blue Team Engineers with experience utilizing offensive tools and techniques to conduct exercises for a government agency that mimic both insider and external threats to operational systems and networks. Activities include but are not limited to network discovery threat detection, forensic support and reporting. This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market.

 

Roles and Responsibilities

• Conduct automated and manual test of information systems using industry best tools, to include vulnerability scans, source code review and web application testing
• Develop test plans, perform tests and prepare after-action reports for information systems
• Document tests in accordance with agency regulations and SOPs
• Contribute to A&A, POA&M vulnerability management, and continuous monitoring efforts by providing trend analysis and briefings
• Utilize signature-based scanners, data collection tools, and hardware analysis tools to determine the footprint and impact of potential events
• Conduct SIEM reviews to ensure proper detection and notification of threat events
• Support vulnerability analysis and mitigation strategies to prevent additional occurrences of threat events

 

Required Skills

• The candidate should be comfortable researching and understanding a wide variety of information systems and emerging technologies
• Have a broad knowledge of security methodologies, solutions and best practices
• Have experience with multiple open source and commercial testing tools; a non-comprehensive list includes Nessus, App Detective, Metasploit, Burp Suite, and nmap
• Advanced understanding of the strengths and weaknesses of security tools with the ability to select the right tool for the job; ability to configure and troubleshoot tools if necessary
• Be comfortable using, configuring, troubleshooting, and administrate both Unix/Linux and Microsoft operating systems; extensive systems engineering experience with at least one of these OSs
• Solid understand of the security policies of Department of Justice and FBI, as well as security guidelines published by the National Institute of Standards (e.g., 800-53 and 800-53a)
• Have the ability to think critically and creatively; capable of synthesizing and analyzing large amounts of data related to complex systems; ability to articulate thoughts and findings in a concise and comprehensive manner

The ideal candidate must have an expert understanding of at least one of the following technologies and their security vulnerabilities:

• Web applications and technologies. Advanced understanding of application programming languages, application servers, Web services, and Web browsers. Candidate should also understand the vulnerabilities related to these technologies, as well as security best practices when using them. Candidate should also be able to use automated assessment tools and manual testing techniques to assess these applications. Familiarity with OWASP testing methodology is also required.
• Networking technologies. Advanced proficiency with various networking skills and technologies, including (but not limited to) Cisco hardware and IOS, firewalls, IDS and IPSs, packet analysis, and high level network architecture fundamentals.
• Enterprise solutions, storage and databases. Advanced understanding of relational databases, database management systems, enterprise storage solutions, and security concerns specific to these technologies.
• Cross domain solutions and trusted operating systems. Advanced experience with a range of Cross Domain Solutions, or CDSs, and advanced understanding of the unique security requirements of CDSs and trusted OSs such as trusted Solaris v8, Solaris v10 with trusted extensions and Security Enhanced Linux.
• Virtualization technologies. Advanced experience with VMware products, Microsoft virtualization technologies and/or similar technologies.
• Mainframes. Advanced hardware, OSs, networking, and security best practices

Certification Requirement

• Must have one of the following certifications: CISSP, ISACA, OSCP, CISA, GPEN or GWAPT, C|EH

Education Requirement

• Bachelor’s degree or ten (10) years of IT experience

 Location

• Washington, D.C.

 

Security Clearance

• Top Secret with SCI eligibility and ability to pass a Counter-Intelligence (CI) polygraph

ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking a Elastic SIEM Cyber Engineer who has experience managing an Elastic Cloud Enterprise & Elasticsearch platform in the federal market. You will be focused on the day-to-day operations and improvement of the ECE cluster utilized as the SIEM function. This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market.

 

Roles and Responsibilities

• Elastic SIEM solution development, integration, platform architecture, and capacity planning in mission-critical environments
• Deploying additional Elastic clusters using infrastructure as code (Ansible playbooks)
• Maintain, secure, and upgrade ECE deployments
• Integrate log and sensor data into ELK
• Data modeling, query development and optimization, cluster tuning and scaling with a focus on fast search and analytics at scale
• Streamline cybersecurity tactics, techniques and procedures
• Create dashboards and reports in ELK
• Leverage data analytics can machine learning algorithms for cyber operations
• Provide adoption awareness and training for the ELK SIEM
• Working with a multi-tenant platform and working with tenants to understand requirements
• Providing subject matter expertise to assist the rest of the team in their roles

 

Required Skills

• 4+ years of experience with IT with a focus in Linux sysadmin, databases, containers or cyber operations
• 3+ years of experience with hands on operations of sizing, monitoring, and management, and open-source tools, including Kafka, Logstash, Beats, Elasticsearch, Kibana and Splunk
• Knowledge of planning and executing data retention and life cycle management plans
• Hands-on experience administrating Elasticsearch clusters (10+ Data nodes)
• Knowledge of information retrieval and/or analytics domain
• Experience with load balancing, DNS, TLS certificate generation and SAML integration.
• Experience working with data solutions in a public sector
• Excel at working directly with customers to gather, prioritize, plan and execute solutions to customer business requirements as it relates to our technologies
• Familiar with SOC operations, open-source security frameworks, and Linux

Location

• Alexandria, VA

Security Clearance

• Must have an active Secret Clearance

ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking a Security Engineering Assessor who has experience providing Technical Assessments thoroughtout the System Development Lifecycle (SDLC)/ System Engineering Lifecycle (SELC) to ensure a healthy security posture and effective compliance with federal requirements in the federal market. This is a unique opportunity to be involved with a broad range of technologies and to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market.

 

Roles and Responsibilities

• Assess the security posture of new and emerging technology that is implemented or before being implemented to identify all risks and the security posture of Enterprise IT organization systems
• Define and enforce policies and guidelines as outlined within NIST SP 800-53, DHS 4300A, DHS 4300B Sensitive Systems Policy
• Research and provide guidance in the implementation of system specific features and security controls to ensure effective compliance with federal requirements
• Provide IT security consultation and recommendations to system stakeholders to promote a strong security posture for systems
• Conduct security assessments throughout the System Development Lifecycle (SDLC)/ System Engineering Lifecycle (SELC) through research, security documentation reviewes, and communication with system stakeholders

 

Desired Skills

• Strong understanding of the SDLC/ SELC lifecycles and the system security requirements required through each phase and at each gate
• Expert knowledge of the NIST SP800-60 Risk Management Framework (RMF)

• Expertise in security engineering and experience with conducting technical risk assessments for large and complex information systems that include a broad range of technologies

• Proficiency in the application of NIST security controls guidance to Enterprise IT systems and applications
• Strong technical understanding of IT system, services and application architectures including cloud
• Excellent spoken and written communication skills, including the ability to speak clearly and distinctly, and to accurately summarize and describe information with correct, precise terminology
• Ability to work cohesively with a team that includes Enterprise Architects, Security Analysists, and other Security Engineers

Education Requirement

• Bachelors degree in related field

Years of Experience Requirement

• 5+ years designing and implementing network, systems, and security solutions

Certification Requirement

• Technical Certification (one or more of the following), CISSP, CCNP, MCSE

Location

• Fairfax, VA

Security Clearance

• Must be a U.S. Citizen

ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking a Security Baseline Engineer who has experience building security baseline configuration guidelines for various technologies within the federal market. This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market.

 

Roles and Responsibilities

Develop and implement security solutions in alignment with security strategy. Maintain an awareness of market and technology trends to bring best of breed solutions to the client. Apply leading-edge principles, theories, and concepts and contribute to the development of new principles and concepts. Work on unusually complex problems and provide highly innovative solutions. Work closely with government stakeholders in understanding the vision and direction of the information technology program and decompose this architecture and associated use cases into discrete components that can be addressed from a cybersecurity engineering standpoint. Understand proposed and in-place architectures at a level that enables the identification and understanding of possible security risks and propose solutions for risk mitigation.

 

Required Skills

• Experience with creating, reviewing and customizing general security configuration baselines including DoD, STIGs, and CIS Benchmarks
• Experience with translating the low-level security baseline requirements into high-level FISMA and NIST requirements and client-specific security policies
• Experience working with the NIST 800 Special Publication series guidance related to risk management and security control implementation, including 800-30,800-37, 800-53, 800-60, 800-63, 800-115, or 800-137
• Experience with one or more of the following technologies: Networking, including CISCO, Juniper, or Palo Alto, operating systems, including Windows Server, Redhat, or Linux, cloud services, including AWS, Azure, Salesforce, Okta, O365, or ServiceNow, or Mobile Technologies, including iOS or Xen Mobile
• Knowledge of the National Vulnerability Database (NVD) and Common Vulnerability Enumeration (CVE)

Desired Skills

• Experience with designing, building, and implementing automation tools, including Ansible, Chef, or Puppet
• Experience with Infrastructure as Code tools, including Cloud Formations or Terraform
• Experience with container platforms, including OpenShift
• Experience with chaos engineering and blue or green deployments
• Experience with Serverless, including Lambda, API Gateway, Step Functions, and SAM
• Experience with application performance analysis and monitoring, including ELK
• Experience with an Agile release methodology

Education Requirement

• BA or BS degree in Information Security, Computer Engineering, Information Systems, Telecommunications, or Technology

Years of Experience Requirement

• A minimum of five (5) to eight (8) years of relevant work experience in the area of network security engineering or security operations, including hands-on experience with security tools and devices such as Apcon, A10 load balancers, FireEye

Certification Requirement

• Maintain at least one current professional certification. Acceptable certifications include: Any SANS GIAC Security certifications (Administration, Software, Forensics, or GSE Expert), ISC2 CISSP, or any security systems vendor administration-level certifications. AWS Certified Solutions Architect or Developer Certification. CCNA, MSCE, RHCSA, EBSA or ECSS Certification

Location

• Washington, DC

Security Clearance

•  Must be a U.S. Citizen

ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking a DevOps Engineer who has experience developing and managing the automated build system, automated deployment system, continuous integration environment, and continuous test environment for a suite of open source/COTS product configurations and custom code in the federal market. This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market.

 Roles and Responsibilities

• Work closely with Configuration Management Analysts and the Release Train Engineer to automate build/test/deploy processes from Dev->Test->Staging
• Deploying, integrating, and managing source control (Git/GitHub), continuous build/delivery (Jenkins), software quality tools (SonarQube), artifact hosting (Nexus), issue management (Jira), documentation/ collaboration (Confluence), automated testing (Selenium), and deployment of solutions (Open Source Java solutions and COTs configuration files)

 Required Skills

• Expertise automating build/test/deploy processes
• Expertise in scripting deployments using bash scripting or similar
• Expertise with identification of controlled artifacts (configuration items) and implementation of standard CM control processes
• Experience with configuration management tools and technologies
• Expertise integrating Content Management systems and/or Wikis with SCM (for example JIRA integration with Confluence)
• Experience in system architecture and engineering disciplines
• Efficiently manage AWS resources to control costs
• Experience with he cyber security domain to include: governance and risk management, compliance, business continuity and disaster recovery, encryption, software development security, access control, network security / secure architecture, and security operation
• Excellent problem-solving ability and strong work ethic that is proactive and self-motivated
• Experience in product release planning and associated deliverable tracking

 Desired Skills

• Git or similar distributed repository technology preferred
• Experience integrating with an Active Directory
• Familiarity with DoD STIGs, SRGs, etc

 Education and Years of Experience Requirement

• Bachelor’s (IT or relevant STEM degree) with 5 – 7 yrs of experience, or a Masters and 3 to 5 yrs of experience

 Certification Requirement

• Relevant AWS Certification(s)
• SAFe DevOps Certification

 Location

•   Fairfax, VA

Security Clearance

• Must be clearable to DHS EOD

ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking Cybersecurity Engineers who have strong familiarity providing Cybersecurity assessment services utilizing a multitude of cyber tools, proven methodologies and industry best practices in the federal market. This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market. This position provides the opportunity to travel to client sites both locally and nationally.

 

Roles and Responsibilities

As part of the Cyber Assessments team, provide cybersecurity scanning and testing services, threat intelligence integration to provide cybersecurity customers with findings and information that informs the risk management and decision-making processes.

 

Required Skills 

• Knowledge of host identification and exploitation of vulnerabilities
• Knowledge of phishing procedures
• Knowledge of script writing and crafting of payloads
• Knowledge of database operations and system/network administration
• In-depth knowledge and understanding of operation of assessment tools (including but not limited to Metasploit, Nmap, Burp Suite, Powersploit, and Cobalt Strike)
• Ability to operate in a critical fashion in dynamic environments
• Knowledge of FISMA and NIST 800 series standards
• In-depth knowledge of network mapping, vulnerability scanning, penetration testing, and Web Application testing
• In-depth knowledge of the procedures of Phishing Assessments, Wireless
• Assessments, Operating System Security Assessments, and Database Assessments
• Coordinates assessment equipment, including ensuring images on assessment equipment are up to date, equipment transport, setup and tear-down of equipment on-site, and general maintenance
• Operates assessment tools, under the direction of the Government, the IT
• Security Expert Level II, and NCATS Assessment Standard Operating Procedures
• Assists the IT Security Expert Level II with development of documentation and reporting for coordination of Assessment report in accordance with the appropriate report template at the direction of the Government

Education Requirement

• Bachelor’s Degree in related field

Years of Experience Requirement 

• Minimum of 2 years operational experience

Certification Requirement

• At least one of the following: OSCP, OSCE, GPEN, GXPN, or equivalent

Location 

• Arlington, VA

Security Clearance

• All personnel must have at least a PUBLIC TRUST clearance and pass a DHS background check

ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking a Tenable Security Engineer who has experience operating and maintaining Tenable security suite for purposes of managing security configuration settings against defined security hardening guidance and on compliance status in the federal market. This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market.

 

Required skills

• Experience with maintaining, optimizing, and troubleshooting the Tenable solution currently deployed in a UNIX environment, including Tenable.sc, Tenable.io, NNM, LCE, Nessus Manager, Agents, and Scanner
• Experience with deploying, configuring, and maintaining Nessus agents in an enterprise environment, including the application of best practices for schedules and integration with Tenable.sc
• Experience with supporting upgrades of Tenable.sc, Nessus Manager, Nessus scanners, LCE, and PVS
• Experience with performing security compliance and vulnerability assessments specifically developing and applying STIG or CIS baselines for various operating systems, including Windows or RHEL and CentOS
• Experience with configuring authentication methods, including PIV, SAML and LDAP, and development of role-based access controls (RBAC)
• Experience with performing enterprise-wide networking scanning, agent scan, container, including credential scan of UNIX, Windows, Network devices, and VMware
• Ability to provide design and architectural guidance for tool capabilities during technical stakeholder meetings
• Ability to prepare and maintain solution documentation, including security, configuration, and CONOPS

Desired skills 

• Experience with using Tenable APIs, integrating tenable products and automating daily activities
• Experience with creating dynamic asset, dashboards, and reports
• Experience with administering Windows and UNIX in an enterprise environment
• Experience with using security tools and technologies, including Domain Naming Service (DNS), Active Directory (AD), Windows PowerShell, Windows credential stores, Microsoft Certificate Authority, Python, REST, JSON, SOAP, Shell Scripting, TCP stack, and Wireshark

ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking a Principal Security Engineer (Elastic Stack Enterprise) who have experience with design, documenting, build, and securing of Elastic Stack solutions in the federal market. This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market.

 

Roles and Responsibilities

• Responisible for working with the technical team to design, document, build, secure and maintain Elastic Stack Enterprise solutions (Elasticsearch, Logstash, Kibana, and Beats) deployed in the Cloud or on-premise to support federal agency production deployments
• Works closely with architects, engineers, developers, and integrators to assess customer requirements and to design and support an Elasticsearch Stack solution to ensure compliance with dashboard data requirements
• Participate in group sessions as well as attend and share in agile sprint daily meetings in order to track progress to ensure development of solutions is in support of the customer requirements.
• Serve as a trusted advisor, providing subject matter expertise, guidance, and best practice recommendations
• Configuring and maintaining Linux based Operating Systems in support of the Elasticsearch products (yum updates and product version upgrades)
• Working with a team and providing analysis of alternatives and progress status in daily sprint meetings
• Meet professional obligations through efficient work habits such as, meeting deadlines, honoring schedules, coordinating resources and meetings in an effective and timely manner
• Develop and manage effective working relationships with other departments, groups and personnel with whom work must be coordinated or interface
• Recommend enhancements and modifications to optimize business intelligence processes

Required Skills

• Knowledge and experience using NoSQL and related solutions
• Experience with engineering and administrating the Elastic Stack (Elasticsearch,Logstash, Kibana, Beats) in production at scale (multi-node clusters, hot/warm architectures, index lifecycle management, snapshots, etc.)
• Experience managing Linux hosts (CentOS / RHEL 7.X preferred), to include securing to defined baselines (such as NIST 800-53, DISA STIGs, etc.)
• Experience with data lifecycle management, to include common ETL (Extract,Transform, Load) techniques, preferably with Logstash and Beats
• Experience planning and integrating data schemas and KQL / Lucene query syntax
• Experience developing custom visualizations (preferably in Kibana) to convey business analytics of value to customers
• Experience with automated configuration management tools (Ansible, Chef, Puppet, SaltStack) and containers/orchestration (Docker, Kubernetes), and version control systems (GitHub, GitLab)
• Experience with cloud infrastructure, preferably Amazon Web Services (AWS)
• Experience with implementation of and challenges with message queue technologies, such as Apache or Confluent Kafka, RabbitMQ, SQS, etc
• Proficiency with programming and scripting concepts, preferably in Python, for custom development and integrations
• Strong networking background with analytical and problem-solving/troubleshooting skills to effectively resolve problems both in development and production
• Experience working in DevOps structured and Agile organizations

Desired Skills

• Experience with RMF process a plus
• Experience with ECE/ECK a plus