Description
AGT is looking for a Cyber Security Engineer to work in Wright Patterson AFB, OH. To join our team of outstanding professionals, apply today!
Support Cybersecurity personnel with installation, configuration, deployment, documentation and management of audit logging solution in support of larger Security Information and Event Management (SIEM)across NASIC’s Cornerstone Networks, in support of the IC and AF auditing requirements.
Responsibilities
- Maintain and scale NASIC’s auditing solution (currently Elastic Search, Logstash, beats, and Kibana) across NASIC’s Cornerstone Networks, in support of the IC and AF auditing requirements.
- Develop and document procedures/polices for NASIC to be compliant with Auditing guidance such as ICS 500-27 (Collection and Sharing of Audit Data).
- Provide technical support for investigates and inquires upon request. Utilize NASIC’s auditing solution, to create custom queries, searches, alerts, and dashboards.
- Identify and evaluate anomalous and suspicious system and network activity, detect and assess network intrusions and malware behavior by incorporating, monitoring, and analyzing event logs across numerous device types (TCP/IP, packet analysis, Windows logs, syslogs).
- Utilize SIEM information with other tools such as Assured Compliance Assessment Solution (ACAS), HBSS, SolarWinds, and Palo Alto.
- Identify coverage and efficiency gaps in security data and tooling.
- Notify Government Technical Monitor (GTM) of network intrusions and suspicious and anomalous events, and provide details as required within 1 business day of detection as directed by the NASIC Cybersecurity Incident Plan.
- Provide detailed operating process and training for items related to network monitoring.
- Participate in incident response and manage escalations as needed.
- Monitor metrics, and trend data related to network monitoring as directed by ICS 500-27.
- Provide monthly functional area reports summarizing work accomplished, work planned in next month and important issues occurring during the month.
Qualifications
- Possess and maintain Information Assurance Management (IAM) Level I certification as required by Air Force Manual (AFMAN) 17-1303, Department of Defense (DoD) Directive 8140.01, and DoD 8570.01-M.
- 3+ years’ experience operating or maintaining a SIEM solution such as the Elastic Stack, ArcSight, or Splunk.
- Active Top Secret with SCI eligibility.
Benefits InformationRegular - The company offers a comprehensive benefits program, including medical, dental, vision, life insurance, 401(k) and a range of other voluntary benefits. Paid Time Off (PTO) is offered to regular full-time and part-time employees.
Pay Range$90,000-100,000
Job ID2026-24138
Work TypeOn-Site