By Light is seeking a Senior Security Tools Engineer to join our team in a proposal to support the U.S. Citizenship and Immigration Services (USCIS) with Cyber Security Defense Services (CSDS). The scope of the project involves protecting USCIS' IT infrastructure and resources, information systems, and the information used in these environments from cybersecurity threats.
Current SEB operations include: deploying and operating cyber security tools, reviewing USCIS source code, assessing the security and effectiveness of USCIS systems, security tools and processes, providing security engineering expertise to other OIT divisions, securing USCIS Networks, operating the USCIS vulnerability management program, and developing and deploying solutions to automate security compliance USCIS systems hosted in cloud environments.
Our team will assess, architect, implement, deploy, and operate solutions for capturing security relevant information (e.g. log data, NetFlow data), and analyzing it to identify markers, patterns, and anomalies
that indicate intrusions, lateral movement, command and control, data exfiltration, or other security issues. We will operate the USCIS Security Event and Incident Management (SIEM) tool, and work collaboratively with development and operational teams to set and implement standards for logging. The system currently in use is Splunk Enterprise.