Senior Cybersecurity Architect/Engineer

Job Description

Advance your cybersecurity career with LS Technologies, a Tetra Tech Company! We are actively seeking a seasoned Senior Cybersecurity Architect/Engineer to bolster our dynamic team dedicated to supporting the Federal Aviation Administration (FAA). In this pivotal role, you will spearhead the migration from ArcSight to Splunk Security Information and Event Management (SIEM), alongside implementing Security Orchestration, Automation, and Response (SOAR) solutions, all within the framework of securing a large Federal environment. Your responsibilities will encompass not only executing these migrations and implementations but also delving into stakeholder requirements, offering strategic recommendations, and providing insightful guidance on security best practices, with a specialized focus on Aviation Safety and Cybersecurity. If you are a cybersecurity aficionado with a proven track record in architecting and engineering large implementations within the Federal domain, we want you on our team!"

Responsibilities

• Lead the design, planning, and execution of a large-scale migration from ArcSight to Splunk SIEM, adhering to strict Federal security protocols.
• Develop a comprehensive migration strategy, considering data mapping, normalization, transformation, and compliance requirements for Federal data handling (e.g., FISMA, FedRAMP).
• Configure Splunk for security analytics within a large federal environment, including event forwarding, indexing, searching, and reporting to meet compliance standards.
• Integrate Splunk with existing security tools and infrastructure within the Federal network architecture.
• Design and implement Splunk SOAR (Security Orchestration, Automation, and Response) playbooks to automate incident response workflows, ensuring adherence to Federal incident response procedures.
• Develop and maintain ArcSight and Splunk dashboards and reports for security monitoring/threat hunting, tailored for Federal security needs.
• Conduct user training on Splunk for security analysts and IT staff, focusing on functionalities relevant to Federal security operations.
• Maintain a deep understanding of the latest Splunk features and best practices, particularly within the context of Federal security deployments.
• Provide ongoing support and troubleshooting for the Splunk environment, ensuring optimal performance and adherence to compliance regulations.
• Exhibit expertise in the Splunk Common Information Model (CIM) and TSTATS.
• Master Splunk SPL (Search Processing Language).
• Develop new SIEM rules, correlations, and dashboards to fulfill in-house requirements.

Education

• Bachelor's degree in engineering (civil, electrical, electronic, chemical, industrial, mechanical, aeronautical, or computer from a college or university with a degree curriculum accredited by the Accreditation Board for Engineering and Technology (ABET) and 15 years of experience. Master's Degree in related field may be substituted for bachelor's degree and 3 years' experience. PhD in related field may be substituted for bachelor's degree and 7 years' experience.

Basic Qualifications

• Minimum of 10+ years of experience as an ArcSight or Splunk Architect or Engineer, with a proven track record of success in large-scale deployments within the Federal space.
• In-depth experience with Splunk Enterprise Security (ES) and SIEM configurations for Federal security environments, including understanding of CIS and DISA STIGs.
• Proven experience migrating complex SIEM systems (ideally ArcSight) to Splunk SIEM within the Federal space.
• Strong understanding of Splunk SOAR and its application for security automation in Federal environments.
• Expertise in security event correlation, log management, threat intelligence, and compliance with Federal security regulations (FISMA, FedRAMP).
• Demonstrated knowledge of security information and event management (SIEM) concepts within the Federal security landscape.
• Extensive understanding of network security, IT infrastructure, and Federal security protocols.
• Excellent analytical and problem-solving skills with a focus on mitigating security risks.
• Superior communication and collaboration skills, with the ability to effectively work with cross-functional teams across Federal agencies.
• Experience with Splunk Enterprise Cluster implementation, components, and infrastructure.
• Proficiency in scripting with Python or Bash.
• Familiarity with REST APIs, SQL, NoSQL, and Regular Expressions.
• Experience and proficiency in Windows and UNIX/Linux environments.
• Familiarity with security technologies at both host and network levels.
• Preferred certification as a SIEM vendor administrator.
• In-depth understanding of the application of cybersecurity policy, conducting threat assessments, and implementing mitigation strategies.
• Proficiency in evaluating the safety and security implications of technologies on the National Airspace System (NAS).
• Proven track record of collaborating with at least one of the FAA's Federal partners, such as CISA, DOD, DOE, DHS, or DOJ.
• Adept at comprehending and interpreting documentation, including Concept of Operations/Employment, Tactics, Techniques, and Procedures.
• Extensive knowledge of NIST SP 800-53 Rev5 controls and their practical application.

Other Qualifications

• Proficiency in system engineering practices, including requirements analysis, system design, integration, testing, and documentation.
• Experience in applying system engineering methodologies such as Systems Engineering Life Cycle (SELC) or Systems Development Life Cycle (SDLC) in cybersecurity projects.
• Experience in developing technical design documentation.
• Proven track record of delivering high-quality SOP documentation that is clear, concise, and actionable for security personnel to execute effectively.
• Experience in documenting detailed procedures and guidelines for security operations teams to follow in various scenarios, ensuring consistency and adherence to best practices.
• Proven ability to communicate effectively with system engineers, developers, and project managers to ensure cybersecurity considerations are addressed throughout the system development lifecycle.
• Strong communication skills, capable of effectively engaging at the senior leadership level within the FAA and its Federal partners.
• In-depth understanding of the application of cybersecurity policy, conducting threat assessments, and implementing mitigation strategies.
• Proficiency in evaluating the safety and security implications of technologies on the National Airspace System (NAS).
• Strong communication skills, capable of effectively engaging at the senior leadership.
• Credentials such as CompTIA Security+ and/or Certified Information Systems Security Professional (CISSP).

Work Requirements:

• Work location: Remote
• Work Hours: Standard Business Hours (Flexible)
• Travel: 0-15%
• Physical Requirements:
  • Extended Computer Use: Regular and prolonged periods of working at a computer terminal.
  • Lifting and Carrying: Occasional lifting of equipment and materials weighing up to 50 pounds may be required during installations or maintenance.
  • Mobility: Ability to move around the office environment to access computer hardware, networking equipment, and server rooms.
  • Dexterity: Manual dexterity and visual acuity to operate computer equipment, troubleshoot issues, and perform tasks requiring precision.
  • Sitting/Standing: Both prolonged sitting and occasional standing may be required for troubleshooting and attending to system issues.
• Required Clearance Level - Public Trust with Top Secret or an ability to obtain within a reasonable timeframe not to exceed 6 months.

About LS Technologies

At LS Technologies, a Tetra Tech company, we're enhancing our nation's critical infrastructure by providing engineering, technical, and professional services to Federal Government agencies. The quality of our work, deep technical expertise, and genuine passion for public service sets us apart. As a growing organization we are expanding our benefits and communication with our employees, offering add-ons that speak to our growing employees' needs. Join us in delivering high-quality solutions and shaping the future of safety and innovation for our government partners.

EEO Commitment

LS Technologies, LLC, a Tetra Tech company, provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

Requesting An Accommodation

LS Technologies, a Tetra Tech company, is committed to providing equal employment opportunities for persons with disabilities or religious observances, including reasonable accommodation when needed. If you are hired by LS Technologies and require accommodation to perform the essential functions of your role, you will be asked to participate in our reasonable accommodation process. Accommodations made to facilitate the recruiting process are not a guarantee of future or continued accommodations once hired.

If you would like to be considered for employment opportunities with LS Technologies and have accommodation needs for a disability or religious observance, please send us an email careers@lstechllc.com or speak with your recruiter.

Compensation (Pay Bands)

Salary at LST is determined by a wide array of factors, such as (but not limited to) education, certifications, knowledge, skills, competencies, and experience, location, and clearance level, as well as contract-specific affordability and organizational requirements and applicable employment laws. Please note that the salary information is a general guideline only.

The projected compensation range for this position is provided within the posting and is based on full-time, 40 hour/week status. Part-time staff receive compensation at an hourly rate. The estimated minimum and maximum displayed represents the broadest range for this position (inclusive of high geographic and high clearance requirements) and is just one component of LSTs total compensation package for employees. ** In compliance with local laws, LS Technologies presents this reasonable compensation range as a guideline for roles in California, Colorado, New York, or Washington D.C."

Benefits offered to all employees who work 30+ hours per week: Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Flexible Spending Accounts, EAP, Education Assistance, Parental Leave, Annual Leave, and Holidays.