Security Engineer/ Data Security Analyst IV ITI is seeking an experienced Cybersecurity engineers to work out of Lackland AFB. IS3 provides cybersecurity support to 16th Air Force. Job Description: Must be highly proficient in use of Risk Management (RMF) methodology, its associated assessments and report requirements, understanding of the plans and policies, and conduct timely and in-depth research for policies and processes applicable to security engineering. Solid knowledge and experience with the NIST 800 Risk Management Framework (RMF) NIST 800 series 800-37 Rev 2, 800-53 Rev. 5. Demonstrated expertise in RMF processes and tools such as Xacta and eMASS, ensuring systems and applications to meet both AF IC and related IC policies and regulations. Ability to apply IT security control requirements to address the level of security required to protect the confidentiality, integrity and availability of system data and resources. Develop solutions and recommendations (with test plans) and provide POA&M and documentation support including, but not limited to, assessment methodologies, and proficiency in Governance, Risk, and Compliance (GRC) platforms, Risk Assessment Reports (RARs), plan of action and milestones (POA&Ms), assessment and authorization (A&A) workflow tools data, patch management, IA vulnerability alerts (IAVA), memorandums, Interim Authorization To Test (IATT), Critical Design Review (CDR), Continuous Monitoring Review (CMR) and Authority To Operate (ATO). Experience performing scans of systems and architectures using AF IC approved scanning tools. Solid technical knowledge and experience system networking, Windows, Linux, and DoD or USAF Cloud desired. Ability to execute policy and procedures and create reports. Ability to support global travel when needed for assessment support. Education & Experience: 5 -7 years' experience with BS or MS in IT or related field. DoD 8570 Cyber Certification: DoD 8570/DoDm 8140.03 IAM III or IAT III Level certification required. Security Clearance: Must possess current Top-Secret Clearance with SCI eligibility.
Splunk Database Engineer Location: Lackland AFB, San Antonio, Texas JOB SUMMARY: The Splunk Database Engineer provides expertise in the implementation, management, and maintenance of Splunk solutions. This role requires a deep understanding of Splunk core components, data ingestion, SPL, and dashboard/alert creation. The Engineer will be responsible for data ingestion, data transformation, data analysis, dashboard creation, and collaborating with technical teams to support project requirements. PR IMARY DUTY RESPONSIBILITIES: Splunk Expertise: Provide Subject Matter Expertise for Splunk software. Demonstrate knowledge of different Splunk versions and data migration techniques between environments. Install, configure, troubleshoot, and patch Splunk software (Enterprise, Forwarders, Indexers, Search Heads). Demonstrate working knowledge of host computing, virtual machine computing, and Splunk software operation in Docker, Kubernetes, and cloud environments. Ingest data into Splunk and transform it for advanced analysis using SPL and Splunk tools. Demonstrate knowledge of programming/scripting languages common to Splunk (SPL, Python). Data Analysis and Visualization: Provide Splunk dashboards from datasets utilizing predefined templates or custom components. Understand and use SPL queries and aggregations for dashboard creation. Write Python code to prepare data for analysis and generate insights using statistical and machine learning techniques, often integrated with Splunk. Data Management and Automation: Demonstrate working knowledge of REST APIs and JSON data format. Translate CSV formatted data into JSON data or other formats suitable for Splunk ingestion. Develop, troubleshoot, and maintain custom scripts to automate data ingestion into Splunk. Provide data input and extraction from Splunk datastores (indexes). Data Science and Architecture: Demonstrate knowledge of Data Science principles, especially Data Enhancement and Data Analysis, as applied within a Splunk context. Derive appropriate design architecture for custom datasets and decompose data into components for analysis within Splunk. Use Splunk tools and apps for Data Enhancement and Data Analysis. Collaboration and Training: Collaborate with technical and application teams to identify, evaluate, and recommend technical solutions. Provide OJT to other contractors, military, and/or civilian personnel on Splunk usage and administration. Maintain continuity folders/working aids to ensure efficient transition when personnel rotate. Compliance: Maintain DoD 8570 IAT Level II compliance (current Security+ certification). Security Clearance: Top Secret SCI - Willing to take Polygraph Education/Certifications: Bachelor's degree in Computer Science, Information Technology, or a related field is preferred. CompTIA Security+ certification (DoD 8570 IAT Level II compliant/8140 System Admin) is required. Relevant Experience: At least 3 years of experience with Splunk software (e.g., Splunk Enterprise, Splunk Cloud, Splunk Forwarders, Indexers, Search Heads). Demonstrated experience with data ingestion, data transformation, and data analysis using Splunk. Experience with Python programming for data analysis and machine learning. Familiarity with Docker, Kubernetes, and cloud environments. Knowledge of Data Science principles, data enhancement, and data analysis techniques. Key Requirements: Strong understanding of Splunk architecture and functionalities. Expertise in data manipulation, transformation, and analysis using Splunk Search Processing Language (SPL). Ingest data into Splunk and transform it for advanced analysis using SPL and Splunk tools. Demonstrate knowledge of programming/scripting languages common to Splunk (SPL, Python).
