Senior Cyber Security Engineer (Splunk)
Description:
Senior Cyber Security Engineer (Splunk)
Join Our Dynamic Team and Make a Difference! Are you a passionate and skilled Cyber Security Engineer with a knack for Splunk? We're looking for a Senior Cyber Security Engineer (Splunk) to become a vital part of our team in Chantilly, VA. This is your chance to contribute to a mission-critical initiative and directly impact cybersecurity operations through the administration and engineering of a large enterprise Splunk environment.
Key Responsibilities:
Splunk Administration: Manage the day-to-day operations of large enterprise Splunk deployments.
Data Management: Troubleshoot data collection issues and ensure system stability and integrity.
System Maintenance: Deploy and maintain both supported and unsupported Splunk add-ons.
Upgrades and Patches: Execute Splunk Enterprise upgrades and apply necessary patches.
Configuration and Deployment: Configure and deploy Splunk forwarders using centralized management tools.
Security Enhancements: Maintain and tune Splunk Enterprise Security (ES) content and performance.
Knowledge Management: Manage knowledge objects, data models, dashboards, alerts, and operational content.
Integration Support: Support API integrations and external system connectivity.
Documentation: Develop and maintain detailed engineering and compliance documentation.
Collaboration: Work closely with cyber analysts and engineering teams to improve detection and response capabilities.
Compliance: Apply relevant security policies, standards, and technical guidelines to ensure compliance.
Access Controls: Enforce role-based access controls and operational security policies.
Qualifications:
An active NRO TS/SCI with Poly.
Bachelor's degree or 4+ additional years of cybersecurity experience in lieu of a degree.
5+ years of experience in an enterprise and/or cybersecurity-focused environment.
Experience with Splunk administration and engineering.
Experience with Splunk Enterprise Security (ES) operations and configurations.
Proficiency with Unix and Windows environments.
DoD 8570 IAT Level II certification (e.g., Security+, CCNA-Security, GSEC).
Preferred Qualifications:
Splunk certifications such as Architect, Consultant I/II, Admin, or Power User.
Experience with scripting or programming languages (e.g., Bash, Python, Java, Perl,.NET).
Familiarity with developing and deploying operational and security use cases within Splunk.
Physical Requirements:
Must be able to remain in a stationary position 50% of the time.
Occasionally move about inside the office to access file cabinets, office machinery, or to communicate with co-workers, management, and customers via email, phone, or virtual communication, which may involve delivering presentations.