Senior Splunk Engineer
Washington, D.C.
Agile Defense
At the forefront of innovation, driving advanced capabilities and solutions tailored to the most critical national security and civilian missions.
Requisition #518
Job Title: Splunk Engineer
Location: REMOTE
Clearance Level: Active DoD - Public Trust
Salary Range: $126,000 - $189,000
Required Certification(s):
· Must have a Splunk certification
SUMMARY
The Security Operations Center (SOC) is a U.S. Government program responsible for preventing, identifying, containing, and eradicating cyber threats to the client's networks through monitoring, intrusion detection, and protective security services for the client's information systems. The SOC is responsible for the overall security of the client's enterprise-wide information systems, and collects, investigates, and reports any suspected and confirmed security violations.
The Splunk Engineer will install and maintain Splunk infrastructure, gather requirements from customers, onboard data, and assist end users with searches, dashboards, reports, and knowledge objects. The Splunk Engineer may be required to interact with senior management, as necessary.
Conceptualize, design, build, and maintain current and future customer-supported tools and platforms. Manage multiple assignments, changing priorities, and work independently with little oversight. Lead team of Splunk engineers in the management of Splunk solution to optimize data availability for SOC and other stakeholders. Develop data storage, access, and retention strategies for a large IT enterprise using industry standards and best practices to advise Customer executive-level stakeholders. Design, build, implement, and administer Splunk infrastructure in on-prem and cloud environments.
JOB DUTIES AND RESPONSIBILITIES
· Conceptualize, design, build, and maintain current and future customer-supported tools and platforms
· Manage multiple assignments, changing priorities, and work independently with little oversight
· Lead team of Splunk engineers in the management of Splunk solution to optimize data availability for SOC and other stakeholders.
· Develop data storage, access, and retention strategies for a large IT enterprise using industry standards and best practices to advise Customer executive-level stakeholders
· Design, build, implement, and administer Splunk infrastructure in on-prem and cloud environments.
· Create, manage, and support automation solutions for Splunk deployment and orchestration in on-prem and cloud environments
· Work with existing and custom Splunk applications and add-ons to fulfill customer needs
· Provide overall engineering and design support for a distributed Splunk environment consisting of heavy forwarders, indexers, and search head servers, spanning security, performance, and operational roles
· Onboard data to Splunk via forwarder, scripted inputs, TCP/UDP, and modular inputs from various sources
· Normalize data to ensure CIM compliance, and develop data models to accelerate queries, dashboards, and correlation searches
· Work closely with all relevant stakeholders to solve technical problems at the network, system, and application levels
· Conduct periodic architectural reviews of Splunk and related systems to assess effectiveness and propose optimal installation alternatives as required
· Develop and manage comprehensive documentation, artifacts, procedures, and processes for the optimal management of the Splunk infrastructure.
QUALIFICATIONS
Required Certifications
· Must have a Splunk certification
Education, Background, and Years of Experience
· Bachelor's Degree
ADDITIONAL SKILLS & QUALIFICATIONS
Required Skills
· Bachelor's degree
· 8+ years of experience working in a professional environment
· Experience deploying, maintaining, or integrating cybersecurity tools and applications, including Splunk, Cribl, and Elastic
· Ability to integrate cybersecurity engineering principles into infrastructure planning, design, and deployment
· Ability to meet schedule, performance, and quality within the systems development life cycle (SDLC)
· Ability to support control consistency, integrity monitoring, and health checks of data ETL pipelines and review platforms
Preferred Skills
· Experience with SIEM tools, endpoint security, or digital forensics
· Experience with system engineering, computer science, information systems, engineering science, or engineering management
· Knowledge of security architecture design and integration
WORKING CONDITIONS
Environmental Conditions
· Remote: Monday - Friday, core hours.
Strength Demands
· Sedentary – 10 lbs. Maximum lifting, occasional lift/carry of small articles. Some occasional walking or standing may be required. Jobs are sedentary if walking and standing are required only occasionally, and all other sedentary criteria are met.
Physical Requirements
· Stand or Sit; Walk; Repetitive Motion; Use Hands / Fingers to Handle or Feel; See; Push or Pull