Senior Security Engineer - Splunk

Make a difference here.
UltraViolet Cyber is a leading platform-enabled unified security operations company providing a comprehensive suite of security operations solutions. Founded and operated by security practitioners with decades of experience, the UltraViolet Cyber security-as-code platform combines technology innovation and human expertise to make advanced real-time cybersecurity accessible for all organizations by eliminating risks of separate red and blue teams.
By creating continuously optimized identification, detection, and resilience from today’s dynamic threat landscape, UltraViolet Cyber provides both managed and custom-tailored unified security operations solutions to the Fortune 500, Federal Government, and Commercial clients. UltraViolet Cyber is headquartered in McLean, Virginia, with global offices across the U.S. and in India. 
Our Federal Delivery team is seeking a Senior Security Engineer specializing in Splunk to enhance our security monitoring, detection, and response capabilities within federal government environments. This role will be responsible for designing, implementing, and optimizing Splunk deployments to support advanced threat detection, security analytics, and compliance monitoring across critical infrastructure. 

What You'll Do:

• Design and implement Splunk Enterprise Security for large-scal enterprise network environment 
• Provide O&M support of large Cribl Deployment 
• Develop custom Splunk apps, dashboards, and reports to enhance security visibility 
• Create and optimize complex SPL queries for threat detection and security analytics 
• Integrate Splunk with other security tools to build a comprehensive security monitoring ecosystem 
• Design and maintain Splunk data models to support security use cases and compliance reporting 
• Develop custom threat detection rules and correlation searches in Splunk 
• Configure and tune Splunk alerts to reduce false positives and enhance detection efficacy 
• Support compliance reporting for FISMA, RMF, and other federal requirements 
• Provide technical expertise during security incidents and coordinate response activities 

What You've Done:

• Bachelor's degree in Cybersecurity, Information Security, or related field 
• 7+ years of security engineering experience with 3+ years of advanced Splunk implementation 
• Splunk Certified Architect or Splunk Certified Enterprise Security Admin certification 
• Experience designing and implementing Splunk Enterprise Security in large environments, along with Cribl 
• Strong knowledge of SPL query language and advanced search techniques 
• Experience creating custom Splunk dashboards, reports, and visualizations 
• Demonstrated expertise in security monitoring and SIEM technology 
• Experience implementing security controls per NIST SP 800-53 requirements 
• Proficiency with Splunk administration and performance tuning 

Preferred Qualifications:

• Experience supporting federal agency security operations centers 
• Splunk and Cribl certifications highly desired 
• Additional security certifications (CISSP, GCIA, GCIH, Security+) 
• Experience with Splunk implementations 
• Background in security architecture for government networks 
• Knowledge of CISA directives and CDM program requirements 
• Experience with cloud security monitoring using Splunk and Cribl 
• Familiarity with Zero Trust architecture implementation 

Work Environment:

• Hybrid work model with 2 day/week on-site presence near National Harbor, Maryland 
• Must be able to pass a Federal background investigation - US Citizenship required
• Participation in on-call rotation for security incident response 
• Collaboration with cross-agency security teams 

What We Offer:

• 401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed  
• Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment)  
• Group Term Life, Short-Term Disability, Long-Term Disability  
• Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness  
• Participation in the Discretionary Time Off (DTO) Program  
• 11 Paid Holidays Annually 

UltraViolet Cyber maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect our company's differing products, services, industries and lines of business. Candidates are typically placed into the range based on the preceding factors.

We sincerely thank all applicants in advance for submitting their interest in this position. We know your time is valuable.
UltraViolet Cyber welcomes and encourages diversity in the workplace regardless of race, gender, religion, age, sexual orientation, gender identity, disability, or veteran status. 
If you want to make an impact, UltraViolet Cyber is the place for you!