Splunk Engineer at Judge Group

Location: Quantico, VA
Salary: $150,000.00 USD Annually - $160,000.00 USD Annually
Description: Our client is currently seeking a Splunk Engineer

Splunk Engineer

Location: Quantico, VA (telework flexibility at customer discretion)

Security Clearance: Top Secret

Responsibilities:

• Collaborate with intrusion analysts to identify, report on, and coordinate remediation of cyber threats.
• Provide timely and actionable sanitized intelligence to cyber incident response professionals.
• Leverage technical knowledge of computer systems and networks with cyber threat information to assess security posture.
• Conduct intelligence analysis to assess intrusion signatures, tactics, techniques, and procedures associated with cyber-attacks.
• Research hackers, hacker techniques, vulnerabilities, exploits, and provide detailed briefings and intelligence reports to leadership.
• Coordinate with Cyber Security and Operations teams to build dashboards and queries for threat detection and incident response.
• Develop security-focused content for Splunk implementations across multiple network classifications on Department of Defense (DoD) networks.
• Assist with designing log management and data ingest solutions ensuring efficiency and scalability.
• Support the development of automation and scripting directly supporting data/threat analysis.
• Implement and manage Splunk add-ons to enhance capabilities including advanced threat detection and machine learning.
• Support the A&A authorization of the Splunk environment.
• Monitor system recovery processes to ensure security features and functions are properly restored and functioning correctly following outages.
• Support implementation efforts for response/actions addressing operational and communication orders from governing organizations.
• Provide expert analysis of logs/alerts/records to prevent or detect anomalies or adverse events.
• Support the Government in the enforcement of suspected malicious activity.
• Participate in the change management process, including reviewing Change Requests and assessing the security impact of proposed changes.
• Work on project teams responsible for engineering and packaging releases to integrate within the customer’s production IT environment.
• Guide and advise government customers with Splunk best practice solutions and configurations.
• Support a growing Cybersecurity team with occasional training evolutions.
• Support RMF compliance requirements by analyzing processes and recommending solutions.
• Communicate well, both written and verbally.
• Perform other duties as assigned, associated with and/or in support of your primary role or program mission.

Minimum Requirements:

• Active Top Secret clearance.
• DoD 8570 (IAT II Level) certification.
• Position requires on-site support at Quantico, VA with telework flexibility at customer’s discretion.
• High School diploma with 10+ years (or commensurate experience).
• 5+ years of managing Splunk and SIEM systems.
• 2+ years of security engineering experience working with DoD IT systems and solutions.
• 1+ years of experience with application and OS logging.

Experience with Splunk Enterprise operations including:

• Configuration and system tuning.
• Alert and report creation.
• Deployment scaling.
• User Based Analytics implementation and review.

Preferred Qualifications:

• Active Splunk certification highly preferred (Architect/Developer level).
• Familiarity with Splunk Enterprise operations including:
  • Overall enterprise deployment and implementation.
  • Endpoint troubleshooting.
  • Splunk account management.
  • Deployment scaling.
  • DoD STIG dashboard creation.
  • ATO of Splunk systems in DoD packages.

Contact: lwinter@judge.com