This role involves defining standard logging formats, enforcing consistent logging configurations across multiple servers and hosts, and ensuring that log data is reliably collected and forwarded to meet security and operational requirements within a DoD environment. The ideal candidate will work independently within a small team while engaging with system administrators and other stakeholders to ensure logging systems are optimized and meet organizational requirements for security auditing.
Required Skills & Qualifications:
- Experience in configuring and managing central logging servers (e.g., ELK Stack, Graylog, Splunk) and endpoint logging solutions.
- Deep understanding of logging protocols and formats (e.g., Syslog, Windows Event Log) and log forwarding mechanisms.
- Ability to define and enforce standard logging event formats across diverse environments.
- Strong troubleshooting and analytical skills to diagnose issues in log collection and forwarding processes.
- Ability to work independently, provide timely updates, and deliver results within a small team.
- Excellent communication skills with the ability to interact effectively with system administrators and technical stakeholders.
- Experience with security information and event management (SIEM) systems.
- Experience with Graylog Enterprise.
- Experience with Docker and Docker Compose.
- Understanding of compliance requirements related to log management and retention.
- Prior experience working in a customer-facing technical support role.
- Experience with Security Technical Implementation Guides (STIGs).
- Experience with Git version control system.
Certifications: Security+ (a candidate who meets all other requirements may be allowed to obtain the Security+ certification within 90 days of employment)
Security Clearance: Top Secret
Education Level: Minimum High School Diploma