The Senior Cybersecurity Delivery Engineers at CDW-G team with other Engineers on highly visible, technically challenging projects and offerings. This engineer will be responsible for configuring, maintaining, and troubleshooting architectures within customer specific environments leveraging capabilities from Splunk and Mcafee.. The position is Federally focused and the engineer will need to operate within a Department of Defense/Classified environment.
Key Areas of Responsibility
- Provides Professional Services related to configuration, implementation, maintenance, and troubleshooting the customer’s Splunk/Mcafee environments.
- Splunk – Maintain customer’s production environment related to End Point Security, SIEM, and SOAR (Security Orchestration Automation & Response) capabilities.
- Mcafee – Maintain customer’s production environment utilizing toolsets within HBSS (Host Based Security Suite) and DLP (Data Loss Prevention) across Windows and Linux platforms.
- Expertise developing security-focused content for Splunk, including creation of complex threat detection logic and operational dashboards.
- Manage the deployment of the McAfee ePO server(s), as well as experience maintaining the OS and SQL instances.
- Regularly interface with technical and business staff of customers, including the project sponsor and stakeholders of projects in more complex engagements.
- Serve as technical point of contact on customer engagements.
- Manage time and expense to meet or exceed expectations defined in the Statement of Work.
- Provide high quality content deliverables using the appropriate document templates.
- Ensure solution is implemented as designed to the customer’s satisfaction and approval.
- Educate the customer on solution as appropriate throughout the life of the project or service life.
- Conduct throughput analysis, problem solving, and infrastructure planning.
- Participate in various client projects intended to continually improve/upgrade SEIM environments.
- Assist in the management of projects using CDWG's project management methodology.
- Work with Professional Services Managers, OEMs, Project Managers and customers to manage expectations and timelines to ensure expectations and commitments are being met.
- Educates the customer on solution as appropriate throughout the life of the project or service life.
- The information in this position description is intended to convey information about the key responsibilities and requirements of the position. It is not an exhaustive list of the skills, efforts, duties, responsibilities or working conditions associated with the opportunity. Responsibilities are subject to change.
- Bachelor degree or equivalent years of military service
- 7 years of delivering complex technical solutions including planning, development, implementation and support including Failover techniques, recovery/rollback and application partitioning
- 7 years of Federal and/or DoD experience
- 5 years of current experience in technical consulting or big data analytics
- 5 years of Cyber Security experience (security analytics, SOC experience)
- 5 years Splunk engineering experience
- 5 years Mcafee engineering experience
- DoD 8570 level II IAT Certification
- DoD/OPM Top Secret Clearance (TS) w/SCI eligibility
- Splunk Certified Admin, Splunk Certified Architect, Splunk Certified Consultant
- Certified McAfee VirusScan Enterprise and McAfee ePolicy Orchestrator Administrator
- Certified McAfee Data Loss Prevention Administrator
Other Required Qualifications
- Proficiency with Splunk App/TA configuration
- Proficiency with Splunk SOAR (formerly Phantom)
- Management/deployment experience with large scale/distributed Splunk environments
- Experience using McAfee Agents, VirusScan Enterprise, Host Intrusion Prevention, Disk Encryption, File and Removable Media Protection, and reading reports in ePO.
- Deep understanding of McAfee Data Loss Prevention (DLP), Host Intrusion Prevention (HIPs), and Viruscan Enterprise (VSE).
- Proficiency developing log ingestion and aggregation strategies
- Familiarity with key security events on common IT platforms
- Deep proficiency in client and server operating systems including Windows, Mac, and Linux
- General networking and security troubleshooting (firewalls, routing, NAT, etc.)
- Scripting and development skills (BASH, Perl, Python or Java) with strong knowledge of regular expressions
- Experience with implementing Defense Information Systems Agency (DISA) Secure Technical Implementation Guidelines (STIGs) within a Department of Defense environment.
- Experience with remediating identified Information Assurance Vulnerability Alerts (IAVAs) within DoD systems
- Willing to travel (25%)
- Strong organizational skills.
- Excellent attention to details.
- Abilities to work independently and to manage time effectively.
- Effective communication skills with an appreciation for the appropriate ways to interact with managers, coworkers, customers and vendors.
- Common Information Model (CIM) validation
- Universal/Heavy Forwarder configuration experience (Including encryption and compression setting
- Deep experience with Splunk Enterprise Security
- Familiarity with Cloud Service Providers such as (AWS & Azure)
CDW is committed to maintaining a workplace that is free of known hazards and to ensuring the safety, health, and well-being of coworkers and candidates for employment and their families, as well as the community.
CDW requires all coworkers be fully vaccinated against COVID-19, with the only exceptions being a documented, legally required medical or religious accommodation. Prior to starting with CDW, successful candidates will be required to: (i) be fully vaccinated against COVID-19 and provide CDW with proof of full vaccination; or (ii) apply for and receive a medical or religious-based accommodation to be exempt from the mandatory vaccination policy.