UNOS, a non-profit organization that serves as the nation's Organ Procurement and Transplantation Network which helps create and define organ allocation and distribution policies that make the best use of donated organs, is seeking a talented Splunk Expert. This role plays a pivotal role in engineering secure solutions to monitor and react to threats in a hybrid (On Prem/Azure) environment, as well as championing security throughout the organization.

Position Description

This position is responsible for understanding the best practices and regulatory environment for IT security and privacy and how to practically implement those items. In addition, the candidate is responsible for verifying current security posture and working with system owners to remediate vulnerabilities, ensure regulatory and policy compliance.

Key Responsibilities:

Security Requirements

• Design and implement security measures for the protection of computer systems, networks and information.
• Identify, define and communicate information security requirements
• Prepare and document standard security procedures and processes as well as technology specific security baselines
• Consult and advise system owners on the best methods for meeting information security requirements and remediated identified vulnerabilities
• Define system policies for systems users
• Develop, deploy and manage automation playbooks to automate tasks within the environment to reduce overhead for incident response, enrich information for analysts and decrease workload for Information Security Engineers.

Security Administration

• Perform network security administration
• Manage and monitor data ingestion into SIEM and SIEM-adjacent systems.
• Implement and tune correlation rules within SIEM solution.
• Configure and maintain security infrastructure devices including database maintenance tasks
• Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
• Lead response to security events and incidents as outlined in the UNOS Incident Response Guide. Maintain Incident Response Guide
• Define network systems security requirements and specifications
• Lead the development and implementation of information security procedures
• Evaluate network system design and configuration for security
• Develop recommendations for systems security upgrades and improvements
• Evaluate the impact of security configuration on system design and performance
• Track metrics for evaluating success of information security processes

• Perform application development related security administration
• Work with development staff to define application security requirements
• Define application security standards and polices for users and developers
• Evaluate web application design for security compliance
• Evaluate application servers for security compliance
• Evaluate technology and usage trends for impact on security
• Develop recommendations for systems security upgrades and improvements

• Perform client security administration
• Ensure that endpoint protection is current and active on all workstation and servers
• Evaluate systems design and configuration for security
• Monitor and report security problems

• Perform network security audits, analyze results and make recommendations for remediation
• Participate in third party NIST 800-53 security audits, analyze results, and make recommendations for any needed remediation.

• Develop recommendations for system security upgrades and improvements

• Develop and implement organization wide Security Awareness Program that includes:
• General security awareness training and assessment required for all UNOS employees and contractor per Corporate Security Policy
• Significant User training for employees with higher level of security responsibility or elevated privileges
• Periodic optional training and information for all staff on relevant topics

• Mentor junior staff and offer guidance on information security practices and processes

• Assist with maintaining the information security roadmap

• Manage medium to large information security projects

• Assist with government compliance reporting

Manage IT and security policies and standards

• Define security and access requirements
• Keep current with industry best practices and standards
• Develop areas of information management and security that require the establishment of policies and standards in the organization
• Assess currency and efficiency of IT security polices and standards and make recommendations for improvement
• Make recommendations for policies and standards to meet new and changing requirements
• Develop processes to disseminate and support compliance to policies and standards

Minimum Requirements

• 5 years of technical experience working in the Information Security field required
• 10 years of experience in the information technology field preferred
• 3-5 years of Splunk SaaS/SIEM Experience; Preferably experience with Splunk Enterprise Security and Splunk Government Cloud
• 1-3 years of SOAR/Automation (Splunk SOAR/Phantom preferably)
• One or more of the following certifications: Splunk Cloud Certified Admin, Splunk Enterprise Security Certified Admin, SANS GCDA, Splunk SOAR Certified Automation Developer

Critical Skills

Technical Requirements:

• Security Awareness
• Security Incident Response
• Vulnerability Management
• Antivirus/antimalware
• SIEM
• Firewalls
• Security Policy Development
• NIST 800-53 or HIPAA
• Security Monitoring
• Security Reporting

Familiarity the following areas:

• Familiarity with OMB-21-31 and ingesting data to meet those requirements
• Experience working with Linux-based and Windows-based Operating Systems
• Engineering secure cloud solutions in an Azure environment
•  Application security code reviews including DAST and SAST Scanning
•  Implementing Privilege Access Management (PAM) solution
•  Configuring and maintaining an automated PKI infrastructure
•  Experience working with security technologies, such as IDS/IPS, SIEM, access controls, encryption, and forensic tools.

Additional Skills & Qualifications

• Experience leading multiple large projects, leading definition, selection and implementation of security tools, technologies and processes
• Hands-on experience implementing and administering information security, infrastructure and software systems.
• Experience evaluating potential solutions, selecting and recommending the best solution
• Experience producing design documents that are used by others to effectively implement solutions
• Experience designing and implementing security technologies, such as IDS/IPS, SIEM, access controls, encryption and forensic tools.
• Ability to analyze systems based on business and technical user stories/requirements in order to design solutions that best meet the overall objectives of stakeholders
• Ability to strategically analyze and articulate risks, benefits and opportunities associated with a proposed design or solution.
• Demonstrated ability to design and implement complex infrastructure, applications, networks and systems with the goal of meeting business and security objectives
• Demonstrated ability to design modifications to existing systems that improve security without compromising business objectives
• Ability to design complex information security systems that impact multiple domains across Service Operations and Software Engineering
• Ability to review and mentor the work of others in evaluating business objectives, detailing security user stories and generating technical specifications
• Champion information security throughout the organization
• Ability to estimate total costs of proposed solutions, including effort, acquisition costs and on-going costs

Education

4-year Degree in Computer Science/Engineering or equivalent IT Information Security experience

Physical Requirements

• General office demands
• Ability to work on-call rotational hours

About Us

UNOS Benefits

Authorization

Agency Statement

UNOS provide equal employment opportunity for all applicants and employees. It will not unlawfully discriminate or permit harassment against any employee or applicant on the basis of race, ethnicity, color, religion, national origin, gender, age, disability, familial or marital status, military or veteran status, sexual orientation, gender identity and expression, genetic information, or any other characteristics or classification protected under applicable law (“protected categories”). This policy applies not only to hiring, but also to working conditions, benefits and privileges of employment, training, appointments for advancement, transfers, layoffs, recalls, terminations of employment and all other terms and conditions of employment.

UNOS is also an affirmative action employer. It takes affirmative action to recruit and provide opportunities for advancement to qualified females and minorities, individuals with disabilities, special disabled veterans and other protected veterans. It hires and promotes based on job-related requirements and individual qualifications. Action is taken to ensure the fulfillment of this policy as to all phases of the employment process including hiring, placement, training, upgrading, transfers and/or demotions, recruiting, layoffs and termination of employment.

UNOS invites individuals with disabilities and protected veterans to identify themselves, if they wish to do so. Such communication will be kept as confidential as possible and will be used only in accordance with the law. Candidates may contact the EEO/AA Officer at human.resources@unos.org to self-identify or request an accommodation.

EEO is the Law | EEO is the Law Supplement | E-Verify Participation English/Spanish | Right to Work | Right to Work Spanish | Pay Transparency