Data Engineer & Splunk Integration SME

Data Engineer & Splunk Integration SME

Job Category: Information Technology

Time Type: Full time

Minimum Clearance Required to Start: None

Employee Type: Regular

Percentage of Travel Required: None

Type of Travel: None

* * *

The Opportunity:

CACI is seeking a Data Engineer & Splunk Integration SME to support a complex data modeling position supporting cybersecurity data collection, analysis, and mitigation. This position will be responsible for researching industry trends related to enterprise data and incorporating best practices into the roadmap.

The engineer will be responsible for analysis of data derived from diverse cybersecurity tools and architecting and developing scalable and comprehensive enterprise solutions to extract data from source systems or models, transform data according to Business Rules and MDM, and load data into operational and presentation models. The engineer will also work with the Integration Layer Architecture Product Owner to develop an approach for expanding the scope of the existing data integration layer to accommodate data from an expanded set of data sources, as a part of a future solution deployment.

This position will support the Continuous Diagnostics and Mitigation (CDM) Program’s mission to safeguard and secure cyberspace in an environment where the threat of cyber-attack is continuously growing and evolving and is responsible for enhancing the security, resilience, and reliability of the Nation’s cyber and communications infrastructure.  The CDM Program defends the United States (U.S.) Federal Information Technology (IT) networks from cybersecurity threats by providing continuous monitoring sensors (tools), diagnosis, mitigation tools, and associated services to strengthen the security posture of Government networks.

Responsibilities:

• Develop and maintain well-structured data models within our data lake (e.g. Splunk and Elastic)
• Design and build reusable data integration APIs for the data lake with optimal storage, compute scale, and observability.
• Examine the criteria and develop data structures following client-established norms.
• Build and accelerate low-code ETL/ELT system to process billions of records daily.
• Develop rules and algorithms using ML/AI in data processing, transformation, and correlation, whether the data is structured, unstructured, or semi-structured.
• Use Python, BASH, PowerShell, or another scripting language to automate manual processes.
• Developing, deploying, scheduling, and maintaining the data pipeline workflows to move data from multiple source systems to the Splunk and Elastic
• Identify and define system data collection requirements.
• Engineer, implement and monitor Splunk and Elastic infrastructure.
• Identify and define system data collection requirements
• Develop technical solutions and investigate new security tools to help mitigate security vulnerabilities and automate repeatable reports using Splunk data-lake or other similar tools
• Develop query mechanisms using Splunk and Elastic within hours of receiving a data request
• Deploy Splunk into virtual and cloud environments (AWS and Azure)
• Write comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancement.
• Prepare and document standard operating procedures and protocols for all designed and developed solutions that ensures detailed project documentation.

Qualifications:

Required: 

• US Citizenship required
• There is no clearance requirement to begin employment.  However, as a requirement of continued employment, you must meet eligibility requirements for access to classified information and be clearable to a Department of Homeland Security (DHS) Entrance on Duty (EOD) authorization.
• Experience in building and maintaining data integration and processing systems that receive data feeds from multiple disparate data sources
• Possess strong problem-solving skills and can work effectively under high-pressure situations.
• Proactively identify, investigate, and resolve complex data discrepancies and performance issues.
• An ability to look past the surface of a request to understand the “why” to address the root business question and deliver a strategic solution.
• Patiently and collaboratively manages stakeholders expectations, provides outstanding user support.
• Expert in programming languages like Python, R, Java, and Scala, and well-versed in libraries and frameworks for ML/AI such as TensorFlow+Keras, PyTorch, and scikit-learn – 4 or more years
• Extensive experience in ML algorithms, statistical analysis, data mining, data visualization, data labeling – 4 or more years
• Experience in Splunk and Elastic – 5 or more years.
• Experience in Data Lakes such as Databricks Data Lake, Azure Data Factory, Azure Databricks, Snowflake, AWS Glue, AWS Stitch – 4 or more years
• Practical knowledge in data cleaning, reporting, and visualization.
• Experience with source control tools such as GitLab, Github or Azure DevOps and related CI/CD processes - 4 or more years
• Experience with Data Modelling – 4 or more years
• Data Management Concepts (Data Extraction, Cleansing, Transformation, loading, Validation, Migration, Modelling, RDBMS concepts) – 4 or more years
• BS degree in Computer Science or a related field

Desired:

• Any other cybersecurity certification such as Security+, CEH, or CISSP
• Any other relevant certification on tools used for large scale data integration and processing.
• Knowledge / experience of Machine Learning

-

________________________________________________________________________________________

What You Can Expect:

 

A culture of integrity.

At CACI, we place character and innovation at the center of everything we do. As a valued team member, you’ll be part of a high-performing group dedicated to our customer’s missions and driven by a higher purpose – to ensure the safety of our nation.

 

An environment of trust.

CACI values the unique contributions that every employee brings to our company and our customers - every day. You’ll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.

 

A focus on continuous growth.

Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground — in your career and in our legacy.

 

Your potential is limitless. So is ours.

Learn more about CACI here.

________________________________________________________________________________________

Pay Range: There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Learn more here.

Since this position can be worked in more than one location, the range shown is the national average for the position.

The proposed salary range for this position is:

$114,600-$252,100

CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic.