Cyber Security Specialist III

Overview Cyber Security Specialist III – Washington, DC Pay From: $55.00 per hour Qualifications Secret Clearance required 7+ years of experience Proficiency in tools such as SIEMs (e.g., Splunk), IDS/IPS, endpoint detection, and scripting languages Strong communication skills for working with SOC teams, CD&M engineers, and system stakeholders Collaboration with internal cybersecurity experts Understanding of impact assessment on end-products or solutions; broad technical understanding of related cybersecurity specialty areas Ability to develop and implement technical solutions independently Experience with incident detection, response, and security event management Familiarity with NIST SP 800-53, FISMA, and risk management frameworks Experience with scripting (e.g., Python, Bash) and log data analysis Deep technical knowledge and proficiency in cybersecurity principles and practices; strong problem-solving for complex and unclear technical issues Bachelor/'s degree from an accredited institute in Cybersecurity or related field; Three additional years of experience in lieu of degree Duties Perform day-to-day administration of Splunk, including monitoring system health, managing indexes, and troubleshooting ingestion or search performance issues Support Splunk operations in hybrid environments (on-prem servers, AWS compute/storage, Linux VMs) Apply patches, upgrades, and configurations to maintain stability and compliance of Splunk infrastructure Onboard new data sources into Splunk using syslog, Event Collector (HEC), JSON feeds, and APIs Normalize and validate ingested data to ensure alignment with Splunk Common Information Model (CIM) and SOC use cases Collaborate with system owners, engineers, and SOC analysts to configure log forwarding and resolve onboarding issues Develop and maintain ingestion pipelines that support large-scale SOC operations Tune parsing, field extractions, and sourcetypes for optimal indexing and search performance; document and maintain data onboarding procedures, schemas, and configuration standards Ensure Splunk onboarding and data retention configurations align with security and compliance requirements (NIST RMF, FISMA, CCRI) Generate audit-ready intake documentation and data validation reports for compliance reviews Work with compliance and CD&M teams to ensure Splunk data supports continuous monitoring and reporting mandates Provide Tier II/III Splunk intake and admin support, escalating complex issues to senior Splunk engineers as required Partner with SOC analysts and CD&M engineers to ensure onboarded data supports detection, dashboards, and reporting needs Contribute to DI/&I process improvement initiatives to streamline intake and optimize operational workflows Quadrant is an affirmative action/equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, status as a protected veteran, or status as an individual with a disability. #J-18808-Ljbffr

Created: 2025-09-28