Cybersecurity Engineer (Splunk SME)

Fairfax, VA

phia, LLC

At phia, trust us to solve the complex challenges of our connected world through top-tier cyber intelligence & threat hunting. Contact us.

View all jobs at phia, LLC

Apply now Apply later

At phia we hire talented and passionate people who are focused on collaborative, meaningful work, providing technical and operational subject matter expertise and support services to our partners and clients.
phia is hiring a Cybersecurity Engineer (Splunk SME) to support cyber defense operations at a large Federal agency.  In this role, you will be pivotal in enhancing the security of both on-premises and cloud infrastructure, which is the foundation for essential security tools. This position offers full remote flexibility from U.S. locations. Public Trust is required.

What You'll Do

  • Oversee day-to-day operations of the SIEM within the organization.
  • Design, deploy, and configure cutting-edge SIEM solutions (e.g. Splunk, Microsoft/Azure Sentinel, IBM QRadar) to meet evolving security needs.
  • Optimize SIEM processes to ensure efficient and effective log collection and employ event management best practices.
  • Support security analysts in enabling threat identification, event detection, and information management.
  • Plan, implement, and manage full data lifecycle for Splunk infrastructure (data ingestion, compression, indexing, archiving, etc.).
  • Manage correlation rules, filters, alerts, report generation, security content development and delivery, health checks, and performance tuning.
  • Perform security assessments, and audits, and ensure regulatory compliance.
  • Leverage proficiency in networking concepts, system administration, security fundamentals, and access controls for SIEM deployment and optimization
  • Implement effective logging mechanisms and data collection methodologies to support SIEM operations
  • Utilize technical knowledge across multiple domains to configure, maintain, and enhance the SIEM solution
  • Work with the SIEM team to fine-tune components, analyze complex issues, and provide innovative solutions in the SIEM environment.
  • Coordinate with SOC monitoring/detection/analysis teams and incident response teams.
  • Provide mentorship and direction to junior team members.

Required: Education + Experience

  • High School + 16 years of relevant experience, or
  • AA/AS + 14, years of relevant experience, or
  • BA/BS + 12, years of relevant experience, or
  • MA/MS + 10, years of relevant experience 
  • Experience managing and optimizing Splunk architecture components like search heads, indexers, heavy forwarders, universal forwarders, and clusters
  • To understand and configure Splunk indexing processes, including hot/warm/cold buckets and data models
  • Ability to develop regular expressions (regex) for data parsing and field extractions using props.conf and transforms.conf
  • Knowledge to design and implement large-scale data ingestion pipelines via APIs, syslog, and universal forwarders
  • Ability to troubleshoot and tune Splunk deployments for performance and stability, leveraging deep Linux systems knowledge
  • Experience building advanced data models and pivot interfaces for complex data analysis
  • Ability to develop and optimize SIEM content and processes, including managing correlation rules, filters, alerts, and report generation.
  • Proficiency in scripting languages (e.g., Python, PowerShell) and automating tasks in a SIEM ecosystem.
  • Strong understanding of networking and operating system administration fundamentals.

Certifications- One or more required (or similar certifications in SIEM technology):

  • Splunk Cloud Certified Admin
  • Splunk Enterprise Certified Admin
  • Splunk Enterprise Certified Architect
  • Splunk Enterprise Certified Consultant

Security Clearance

  • U.S. Citizenship required
  • Ability to achieve Public Trust or higher

Desired

  • Expertise in integrating diverse threat intelligence feeds for proactive threat detection.
  • Familiarity with emerging security technologies and proactive engagement in the field
  • Broad familiarity with various security tools beyond SIEM technology.
#LI-LC1
Who You Are A proactive problem solver that appreciates the challenges of working in a fast-paced, dynamic environment.Intellectually curious with a genuine desire to learn and advance your career.An effective communicator, both verbally and in writing.Customer service-oriented and mission-focused.Critical thinker with excellent problem-solving skills If your experience and qualifications aren’t a match for this position, you will remain in our database for consideration for future opportunities that may be a better fit.
Who We Arephia, LLC is a Northern Virginia-based, small business established in 2011 with a focus on Cyber Intelligence, Cyber Security/Defense, Intrusion Analysis & Incident Response, Cyber Architecture & Capability Analysis, Cyber Policy & Strategy, and Information Assurance/Security. we proudly support various agencies and offices within the Department of Defense (DoD), Federal government, and private/commercial entities.phia values work-life balance and offers the following benefits to full-time employees: Comprehensive medical insurance to include dental and visionShort Term & Long-Term Disability 401k Retirement Savings Plan with Company MatchTuition and Professional Development Assistance Flex Spending Accounts (FSA)
phia does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity, or any other reason prohibited by law in the provision of employment opportunities and benefits.
Apply now Apply later
  • Share this job via
  • 𝕏
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  0  0  0

Tags: APIs Audits Azure Clearance Cloud Compliance Cyber defense DoD Incident response Linux Monitoring PowerShell Python QRadar Scripting Security assessment Security Clearance Sentinel SIEM SOC Splunk Strategy Threat detection Threat intelligence

Perks/benefits: 401(k) matching Career development Health care Insurance

Region: North America
Country: United States

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.