G240SE3 - Sr Splunk Engineer - Cleared

• Ensure the Splunk infrastructure functions properly with PKI-based authentication, corporate authorization services, firewalls, and SSL/TLS communications.
• Contribute to development and ongoing improvement of industry best practices and standards for maintaining data analytics enterprise technologies.
• Assist with installing, testing, and deploying hotfixes/patches for Splunk app/product releases to manage enterprise vulnerabilities.
• Assist with development of knowledge articles, documentation, and work instructions used by the Splunk, server, desktop and Information System Security teams, and Tier 2/3 Help Desk technicians.

*Requires after hours on-call

Requirements

TS/SCI with poly required

• High School/GED and 25 years of experience
• A Bachelor of Science may be substituted for 5 years of experience
• Experience managing user authentication within Splunk including RBAC/ABAC
• Strong organizational, communication, and collaboration skills

One of the Following Certifications Required:

• CCNA Security
• CySA+
• GICSP
• GSEC
• Security+
• CND
• SSCP
• CASP
• CCNP Security
• CISA
• CISSP
• GCED
• GCIH
• CCSP

Desired:

• Experience reviewing network, host, and firewall security logs
• Experience with Splunk Machine Learning Toolkit (MLTK)
• Experience with scripting languages such as CSS, HTML, JavaScript, and Python
• Knowledge of RMF, Trellix ePO, NESSUS, SCAP, and vulnerability scanning
• ServiceNow Ticketing System
• Shell scripting to automate tasks and manipulate data

Benefits