Job Title: Cybersecurity Engineer 3
Location: Remote (Web Cam Interview Only)
Agency: Virginia Department of Health (VDH)
Job Description
The Virginia Department of Health (VDH) is seeking a skilled Cybersecurity Engineer 3 to bolster its security posture by performing penetration testing (Pentesting), managing Splunk data collection infrastructure, and ensuring adherence to security best practices. This role is fully remote and requires a proactive and detail-oriented professional with extensive experience in cybersecurity.
Key Responsibilities
Penetration Testing (Pentesting):
Perform penetration tests on VDH applications, systems, and networks to identify security vulnerabilities.
Analyze vulnerabilities and develop appropriate mitigation strategies.
Generate comprehensive reports detailing findings, risks, and conclusions.
Recommend security improvements and methods to mitigate risks effectively.
Collaborate with VDH IT teams to determine testing requirements and priorities.
Create and implement new penetration testing methodologies, scripts, and tools.
Splunk Infrastructure Management:
Administer and maintain the Splunk data collection infrastructure, including:
Deployment Server management for distributing Splunk Universal Forwarder instances.
Syslog server configuration for collecting data from infrastructure systems (e.g., firewalls, IDS, UPS).
Splunk heavy forwarders for database and third-party system integration.
HTTP Event Collector setup for custom application data collection.
Splunk Stream usage for wire data capture and statistical analysis.
Re-architect Syslog aggregation for Splunk to improve high availability and storage configuration.
Expand log source collection for existing source types and develop custom scripts for non-standard data collection.
Risk Assessment and Security Awareness:
Conduct risk assessments to identify potential threats and vulnerabilities.
Promote security awareness across teams, ensuring adherence to security standards and best practices.
Utilize frameworks like NIST 800-53 for compliance and risk management.
Required Skills and Qualifications
Penetration Testing: 4+ years of experience performing Pentests and vulnerability analysis.
Splunk Administration: 3+ years of hands-on experience managing and configuring Splunk infrastructure.
Vulnerability Management: 2+ years of experience in identifying and mitigating system vulnerabilities.
Security Awareness: Proven ability to foster a culture of security and educate teams on best practices.
Team Collaboration: Strong teamwork skills with at least 4+ years of experience working in collaborative environments.
Desired Skills
Risk Assessment: 3+ years of experience analyzing and mitigating risks.
Familiarity with NIST 800-53 compliance frameworks and controls.
Additional Information
This role is critical to ensuring the security and operational integrity of VDH systems. If you are a highly skilled cybersecurity professional passionate about safeguarding digital infrastructure, we encourage you to apply.
Job Type: Contract
Pay: $62.53 - $67.68 per hour
Expected hours: 40 per week
Benefits:
Compensation Package:
Schedule:
Experience:
- Linux: 1 year (Preferred)
- Cybersecurity: 1 year (Preferred)
- Information security: 1 year (Preferred)
Work Location: Remote
