Splunk Engineer – TS/SCI

Company: GuidePoint Security
Location: Springfield, VA, USA
Salary: Not Provided
Type: Full-Time
Degrees: Bachelor’s
Experience Level: Mid Level

Requirements

  • 3+ years of experience utilizing Splunk Enterprise
  • Splunk Architect or Consultant certified (hard requirement)
  • Experience with deploying, configuring, and performing functional testing and data validation in a Splunk environment
  • Experience performing Splunk systems administration, including installation, configuration, monitoring of system performance and availability, upgrades, and troubleshooting in Windows and Linux Server environments
  • Experience creating custom dashboards, writing queries and generating reports, and setting up alerts and notifications
  • Familiarity with DoD Risk Management Framework
  • Top Secret/SCI clearance with the ability to obtain a Counter-Intelligence polygraph
  • Active DoD 8570 IAT Level III certification (CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, or CCSP)
  • Active DoD 8570 Cybersecurity Service Provider (CSSP) – Infrastructure Support (IS) certification (CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND)
  • HS diploma or GED and 7+ years of experience with supporting IT projects and activities, Associate’s degree and 5+ years of experience with supporting IT projects and activities, or Bachelor’s degree and 3+ years of experience with supporting IT projects and activities
  • DoD 8570 IAT Level II Certification, including CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, or SSCP
  • Ability to obtain a DoD 8570.01-M Cybersecurity Service Provider – Infrastructure Support Certification, including CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND Certification prior to start date

Responsibilities

  • Work with an expert team focused on implementing and operating next-generation security solutions for government and commercial clients
  • Use Splunk and integrate it with other state-of-the-art tools like HBSS, Enterprise Security Manager (ESM), Network Security Manager (NSM), NetFlow, and/or Intrusion Detection Systems (IDS) to monitor, detect, and analyze threats
  • Perform hands-on evaluation, implementation, and operation of leading cyber defense security tools and technologies
  • Apply in-depth defense strategies for large and complex networks to rapidly identify vulnerabilities and threats and prioritize response actions, including developing effective countermeasures
  • Support the risk management and security compliance of specified cyber security tools
  • Apply thought leadership to solving complex security challenges in a highly collaborative and innovative work environment

Preferred Qualifications

  • Ability to ingest and parse logs within Splunk
  • Experience with fields abstraction
  • Experience with data modeling using Splunk
  • Experience with workflows and drilldown queries
  • Experience administering Splunk in distributed deployments
  • Experience with performing site surveys, data gathering, and research and analysis regarding deploying and implementing security tools
  • Experience with DevSecOps and Elasticsearch, Logstash & Kibana (ELK)
  • Possession of excellent oral and written communication skills, including using presentation expertise to convey complex ideas to clients and internal staff
  • Possession of excellent problem-solving skills