Splunk Engineer at Judge Group
Quantico, VA
About the Job
Location: Quantico, VA
Salary: $150,000.00 USD Annually - $160,000.00 USD Annually
Description: Our client is currently seeking a Splunk Engineer
Contact: lwinter@judge.com
Splunk Engineer
Location: Quantico, VA (telework flexibility at customer discretion)
Security Clearance: Top Secret
Responsibilities:
- Collaborate with intrusion analysts to identify, report on, and coordinate remediation of cyber threats.
- Provide timely and actionable sanitized intelligence to cyber incident response professionals.
- Leverage technical knowledge of computer systems and networks with cyber threat information to assess security posture.
- Conduct intelligence analysis to assess intrusion signatures, tactics, techniques, and procedures associated with cyber-attacks.
- Research hackers, hacker techniques, vulnerabilities, exploits, and provide detailed briefings and intelligence reports to leadership.
- Coordinate with Cyber Security and Operations teams to build dashboards and queries for threat detection and incident response.
- Develop security-focused content for Splunk implementations across multiple network classifications on Department of Defense (DoD) networks.
- Assist with designing log management and data ingest solutions ensuring efficiency and scalability.
- Support the development of automation and scripting directly supporting data/threat analysis.
- Implement and manage Splunk add-ons to enhance capabilities including advanced threat detection and machine learning.
- Support the A&A authorization of the Splunk environment.
- Monitor system recovery processes to ensure security features and functions are properly restored and functioning correctly following outages.
- Support implementation efforts for response/actions addressing operational and communication orders from governing organizations.
- Provide expert analysis of logs/alerts/records to prevent or detect anomalies or adverse events.
- Support the Government in the enforcement of suspected malicious activity.
- Participate in the change management process, including reviewing Change Requests and assessing the security impact of proposed changes.
- Work on project teams responsible for engineering and packaging releases to integrate within the customer’s production IT environment.
- Guide and advise government customers with Splunk best practice solutions and configurations.
- Support a growing Cybersecurity team with occasional training evolutions.
- Support RMF compliance requirements by analyzing processes and recommending solutions.
- Communicate well, both in writing and verbally.
- Perform other duties as assigned, associated with and/or in support of your primary role or program mission.
Minimum Requirements:
- Active Top Secret clearance.
- DoD 8570 (IAT II Level) certification.
- Position requires on-site support at Quantico, VA with telework flexibility at customer’s discretion.
- High School diploma with 10+ years (or commensurate experience).
- 5+ years of managing Splunk and SIEM systems.
- 2+ years of security engineering experience working with DoD IT systems and solutions.
- 1+ years of experience with application and OS logging.
Experience with Splunk Enterprise operations including:
- Configuration and system tuning.
- Alert and report creation.
- Deployment scaling.
- User Based Analytics implementation and review.
Preferred Qualifications:
- Active Splunk certification highly preferred (Architect/Developer level).
- Familiarity with Splunk Enterprise operations including:
  - Overall enterprise deployment and implementation.
  - Endpoint troubleshooting.
  - Splunk account management.
  - Deployment scaling.
  - DoD STIG dashboard creation.
  - ATO of Splunk systems in DoD packages.
This job and many more are available through The Judge Group. Find us on the web at www.judge.com