SIEM Engineer (Splunk) - Monitoring & Reporting
Job Description
Salary: $120,000 - $165,000
York Space Systems was founded to radically improve spacecraft affordability and reliability, transforming and enabling next-generation space mission operations worldwide. Today, York is one of the most innovative aerospace companies, specializing in end-to-end customer solutions and the rapid production of spacecraft platforms. York’s complete Space Segment Solution includes spacecraft production, payload integration, system integration & test, launch services, ground segment services, and mission operations, enabling customers to leverage York’s existing technology solutions to get to orbit rapidly and responsively. We’re looking to expand our team across the board.
York Space Systems is a leading aerospace manufacturing organization dedicated to maintaining the highest standards of cybersecurity. We prioritize the protection of Controlled Unclassified Information (CUI) and are committed to achieving compliance with the Cybersecurity Maturity Model Certification (CMMC) framework. As a vital member of our team, you will play a pivotal role in monitoring our systems, reporting, and logging any security events and alerts, and aligning our journey toward the CMMC certification.
As a SIEM/Cybersecurity Engineer concentrating on Monitoring and Reporting, you will play a crucial role in safeguarding our corporate Cybersecurity posture. You will be responsible for utilizing advanced tools, such as Splunk and Defender 365 Security, to monitor, analyze, and report on security events and alerts across our networks, systems, and assets. Your expertise in Cybersecurity analytics and reporting will contribute to maintaining a resilient security infrastructure, promptly identifying and mitigating potential threats, and ensuring the confidentiality, integrity, and availability of our organization's Controlled Unclassified Information (CUI).
RESPONSIBILITIES:
- Security Monitoring:
- Utilize Splunk, Defender 365 Security, and other cybersecurity tools to continuously monitor network traffic, system logs, and security alerts for anomalous or suspicious activities.
- Conduct real-time analysis of security events to identify potential security incidents or breaches.
- Maximize performance of the SIEM and other tools and ensure full log reporting, proper configuration, and alerting are fully enabled.
- Analyze logs and engineer the SIEM, serving as the monitoring and engineering SME.
- Support the CMMC compliance framework as well as classified security certifications/ATOs.
- Threat Intelligence:
- Stay abreast of the latest cybersecurity threats and vulnerabilities by actively monitoring threat intelligence sources.
- Integrate threat intelligence data into monitoring and reporting processes to enhance detection capabilities.
- Reporting:
- Generate regular and ad-hoc reports on the cybersecurity posture, including key performance indicators, incidents, and trends.
- Communicate findings and intricacies to relevant stakeholders, both technical and non-technical, in a clear and understandable manner.
- Continuous Improvement:
- Proactively identify areas for improvement in monitoring and reporting processes, tools, and procedures.
- Identify and implement enhancements to strengthen the overall cybersecurity posture.
- Collaboration and Communication:
- Collaborate with other cybersecurity teams, IT departments, and business units to share insights, coordinate responses, and foster a culture of security awareness.
- Assist with training and awareness sessions to staff on cybersecurity best practices.
QUALIFICATIONS:
- MUST HAVE
- Ability and willingness to work on-site
- Bachelor's degree or Sec+ or higher
- U.S. Citizen; (Green Card not acceptable)
- MUST HAVE extensive Splunk engineering knowledge, with the ability to configure, troubleshoot, adapt, and enhance the system
- MUST HAVE in-depth knowledge of log analysis, searching, and pivoting, with real-world experience
- Excellent communication and interpersonal skills
- Relevant certifications (e.g., CISSP, CISM, CompTIA Security+) are a plus.
- US Security Clearance (Secret or higher level) preferred. Ability to obtain a security clearance required.
Join us in our commitment to safeguarding our organization's information assets and ensuring compliance with industry standards. This role offers an exciting opportunity to contribute to our cybersecurity initiatives and drive our company towards achieving the CMMC certification. If you're passionate about cybersecurity and possess the expertise to lead compliance efforts, we'd love to hear from you.
York Space Systems provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, military or protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. Must have permanent authorization to work in the United States. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. YORK SPACE SYSTEMS IS AN EEO EMPLOYER.
Date Posted
03/04/2024