Job Title: Splunk Core Engineer
Location: Fort Meade, MD
Clearance: Top Secret Full Scope Polygraph (TS/SCI w/ FSP)
Position Summary
We are seeking a highly skilled Senior Splunk Core Engineer with expertise in Splunk IT Service Intelligence (ITSI) and Enterprise Security (ES) to support cybersecurity operations in a customer environment. The ideal candidate will have extensive experience in Security Operations Center (SOC) functions, SIEM operations, and Defensive Cyber Operations (DCO). This role will be responsible for maintaining, operating, and enhancing Splunk security products, providing technical expertise, and contributing to the customer's cybersecurity strategy and SOC policies.
Responsibilities
- Operate and maintain Splunk IT Service Intelligence (ITSI) within customer environments.
- Develop, plan, and implement Splunk Security Products to enhance cybersecurity operations.
- Provide technical expertise in SIEM operations, threat hunting (Tier II), and Defensive Cyber Operations (Tier III).
- Support SOC functions, including Tier I alerting, investigations, and ongoing monitoring (O&M) of the Splunk Enterprise Security (ES) platform.
- Analyze and articulate analytical and security practices to improve incident detection, investigation, and response.
- Work with cross-functional teams to develop security best practices and enhance security operations.
- Provide technical consulting and strategic recommendations for improving cybersecurity policies and security postures.
- Develop and implement Splunk dashboards, alerts, and analytics to improve monitoring capabilities.
Requirements
Education & Experience:
- BA/BS in Computer Science, Computer Engineering, Cybersecurity, or equivalent work experience (preferred but not required).
- 8 years of experience in technical consulting, big data analytics, or security operations.
- Prior experience implementing Splunk Security Products is preferred.
Certifications (Required):
- Splunk Core Consultant Certification
- Splunk IT Service Intelligence (ITSI) Accreditation
- Splunk Enterprise Security (ES) Accreditation
Technical Skills:
- Strong expertise in Splunk ITSI and Enterprise Security (ES).
- Experience with Security Information and Event Management (SIEM) platforms.
- Strong knowledge of SOC operations, threat detection, threat hunting, and incident response.
- Experience with Tier I alerting, Tier II investigations, and Tier III Defensive Cyber Operations (DCO).
- Proficiency in developing Splunk dashboards, custom alerts, and automation.
- Ability to analyze large datasets for security analytics and reporting.
- Experience working in multi-domain and large enterprise environments.
Benefits
- Annual Leave
- United Healthcare Medical Plan Options
- United Healthcare Dental Plan
- United Healthcare Vision Plan
- 401k Plan
- Life Insurance, Short Term Disability (STD), and Long Term Disability (LTD) Plans
- Flexible Spending / Section 125 Plans
- Additional Ancillary Insurance Options
Education
Bachelor's Degree