Security Engineer Splunk

SPLUNK SECURITY ENGINEER

Company: SOFtact Solutions

Cybersecurity and IT Training

Description: SOFtact Solutions is seeking a subject matter expert (Master) with the ability to implement Splunk solutions in support of IT operations. The Security Engineer will maintain various security technologies and applications, including the Splunk Enterprise Security (ES) premium application. This role requires the ability to design, architect, and implement Splunk solutions in support of cyber-security and IT operations analysts and data scientists. The role's focus is primarily on engineering, maintaining, and implementing cyber security detections, as well as managing the team. A key aspect of this job will be to help build and direct the Splunk technical capability. The successful candidate will have experience in architecting, implementing, and using Splunk solutions and applications to integrate data feeds and create content in a distributed computing environment. The candidate must have robust Splunk experience and be able to work collaboratively with diverse end users and a geographically distributed team. This position requires a TS/SCI security clearance.

Position Location: Fort Liberty, Fayetteville, NC or Fort Belvoir, VA or MacDill AFB, Tampa, FL or Fort Meade, MD or Crystal City, VA (on-site)

Education: Bachelor’s degree in Computer Science, MIS or related technical field required (or equivalent experience)

Qualifications: 5+ years professional experience supporting and maintaining SIEM systems (required) with strong experience utilizing Unicorn (preferred)

Responsibilities:

  • Enable Security Information and Event Management (SIEM) integration
  • Conduct technical troubleshooting efforts for complex network environments to identify and eliminate network or security configuration issues for SIEM data collection
  • Responsible for SIEM security design review and recommendations, technical data gathering, security and policy review and configuration, security device implementation planning, configuration and implementation of security products, and technical quality assurance
  • Perform team management, to include timecard approvals, leave approvals, contractual reporting and annual employee evaluations
  • Provide inputs to the Program Manager as requested related to contract work, updates, and changes
  • Facilitate customer interactions with Splunk as the Point of Contact regarding licensing and support cases

Required Skills:

  • DoD 8570 Certification in the IAT Level III and/or CNDSP tier or obtain within six months (Required)
  • Splunk Enterprise Security experience, including administration and integration with backend systems (Required)
  • 2+ years of experience supporting cloud computing environments: AWS, Azure, GCP, etc. (Preferred)
  • Experience with incident response, investigation, and incident handling
  • Experience with other big data analytics solutions: Elastic, Palantir, ArcSight, etc. (Preferred)
  • Knowledge of network security zones, firewall, and IDS
  • Knowledge of log formats for syslog, http logs, and DB logs
  • Knowledge of enterprise endpoint security products: McAfee e-Policy Orchestrator, Cylance, Microsoft Defender, etc.
  • Knowledge of network security tools and appliances: Cisco ISE, Palo Alto NextGen Firewalls, Blue Coat, etc.
  • Knowledge of Linux platforms
  • Provide experience architecting and managing Splunk Core and Splunk ES
  • Assist in managing TAs, source types and data formats, search, index clustering, Splunk ES and data models, upgrades, etc.
  • Create custom parsers and correlation rules for alerting security personnel to potential security incidents
  • Perform log debugging within the Splunk infrastructure and from remote sources (e.g. syslog-ng, Windows, RHEL, networking devices) to ensure data accuracy
  • Serve as a Subject Matter Expert (SME) for improvements, implementation, administration, and operations to Cybersecurity systems
  • Evaluate new products as they are being considered and provide recommendations for usage
  • Development of tailored Splunk reports, dashboards, alerts, and advanced queries

Clearance: TS/SCI

About SOFtact Solutions: STS is a Woman Owned Small Business (WOSB) that carries a passion for problem-solving in support of today’s warfighters and government entities by providing Strategic Advisory and Program Management, C5ISR Enterprise Architecture and Design, Cybersecurity, IT Services, and ServiceNow Solutions.

STS is a forward-thinking, responsive, and dedicated company bringing years of service and experience across the entire spectrum of mission support. STS supports the Department of Defense and OGAs by integrating high-end engineering services to deliver nonproprietary, cost-effective, and integrated applications and software systems.

SOFtact Solutions is an equal opportunity and affirmative action employer. We consider applicants without regard to race, color, religion, creed, gender, national origin, age, disability, genetic information, marital or veteran status, or any other category protected by federal, state, or local law.