We are seeking a highly skilled LMS Engineer to configure and manage the agency’s Log Management System (LMS). The successful candidate will be responsible for setting up LMSs, configuring existing systems, and ensuring seamless forwarding of logs to the Global Cyber Security Operations Center (GCSOC). This role requires strong expertise in Linux/Unix system administration and networking, particularly in troubleshooting network routing and firewall issues.
Key Responsibilities:
- Configure the agency’s existing Log Management Systems (LMS) to forward logs to GCSOC.
- Set up LMS at the agency if it is not already in place, either on a physical server or virtual machine.
- Work with recommended LMS platforms for GCSOC, such as:
  - syslog-ng (support HTTP forwarding for compression)
  - Rsyslog (support HTTP forwarding for compression)
  - Splunk heavy forwarder
  - Kiwi syslog
- Collaborate with agencies to plan, schedule, and manage LMS configuration tasks.
- Provide installation and configuration documentation.
Candidate Requirements:
- Proven experience in Linux/Unix system administration, including:
  - System troubleshooting
  - Software installation
  - Modifying operating systems and application configurations
- Strong networking knowledge, with expertise in:
  - Troubleshooting network routing issues
  - Firewall configuration and troubleshooting
- Experience with log forwarding, compression, and setting up LMS.
Preferred Skills:
- Familiarity with tools like syslog-ng, Rsyslog, Splunk, and Kiwi syslog.
- Experience working in a security operations center (SOC) or related environment.
- Project management and coordination with external agencies.