Splunk Engineer with Security Clearance
Description:
Apex Systems is seeking a highly skilled Splunk Security Engineer with expertise in Cribl to join our clients Splunk Engineering team. The ideal candidate will play a key role in designing, implementing, and maintaining DHS' Splunk environment, leveraging Cribl for data processing and routing. I Position: Splunk Engineer
Location: Hybrid - 2x onsite at National Harbor, 3x remote
Hours: Regular business hours
Compensation: $135,000-$160,000/yr
Certifications: ITIL v4 - can obtain within first 6 months
Start date: June 1st What You'll Get to Do As a Splunk Security Engineer, you will refine and optimize the current Splunk implementation while collaborating with cross-functional teams to enhance DHS' overall security posture. Your responsibilities will include: Architecting, deploying, and managing Splunk infrastructure and solutions
Configuring and fine-tuning Cribl Stream for efficient data collection, processing, and routing
Developing and maintaining Splunk dashboards, alerts, and reports
Troubleshooting and resolving issues related to Splunk and Cribl implementations
Conducting capacity planning and performance tuning for Splunk and Cribl environments
Partnering with engineering and ISSO teams to gather requirements and deliver robust solutions
Documenting and mapping the architecture of the current Splunk implementation
Contributing to the development of a Security Engineering Tool roadmap
Keeping pace with emerging security technologies and industry trends to drive continuous improvements You'll Bring These Qualifications Ability to attain DHS EOD and Top Secret Clearance
ITIL V4 Foundations certification (or willingness to obtain within the first 6 months)
BA/BS degree or equivalent, plus 10+ years of experience
Extensive experience in cybersecurity, with a strong background in access management and network security
5+ years of experience as a Splunk Engineer
2+ years of hands-on experience with Cribl Stream
Deep knowledge of Search Processing Language (SPL)
Proficiency in Python, Bash, and PowerShell for automation and integration
Experience with Linux/Unix system administration
Strong background in guiding technicians with varying skill levels and supporting end users remotely
Familiarity with security tools and technologies such as SIEM, IDS/IPS, and firewalls
Sharp analytical and problem-solving skills, particularly in optimizing security workflows
Professional, customer-focused, and poised under pressure
Excellent communication skills, both written and verbal Preferred Qualifications Splunk Certified Admin or Architect certification
Splunk Enterprise Security certification
Extensive experience with Cribl LogStream and Cribl Edge
Knowledge of CI/CD pipelines and DevOps practices
Familiarity with observability tools like Elasticsearch and Prometheus
Understanding of containerization technologies (Docker, Kubernetes)
Experience with large-scale, distributed systems
Permanent