Job Description
Input Technology Solutions is seeking an experienced Splunk Security Engineer with expertise in Cribl to join our Splunk Engineering team in Stennis, MS! The ideal candidate will assist with the designing, implementing, and maintaining of DHS' Splunk environment while leveraging Cribl for data processing and routing.
What You'll Get to Do:
The Splunk Security Engineer should feel comfortable optimizing and refining the current Splunk implementation while collaborating with cross-functional teams to enhance DHS' overall security posture.
The Splunk Security Engineer will:
Design, implement, and maintain the Splunk infrastructure and solutions
Configure and optimize Cribl Stream for data collection, processing, and routing
Develop and maintain Splunk dashboards, alerts, and reports
Assist with troubleshooting issues related to Splunk and Cribl implementations
Perform capacity planning and performance tuning for Splunk and Cribl environments
Collaborate with cross-functional engineering and ISSO teams to gather requirements and deliver solutions
Document and map the architecture of the current Splunk implementation
Support the development of a Security Engineering Tool roadmap
Stay current with emerging security technologies and industry trends to recommend improvements or additions.
You'll Bring These Qualifications:
Ability to attain DHS EOD with Top Secret clearance
ITIL V4 Foundations certification (or obtain in first 6 months)
BA/BS or equivalent +10 years of experience
Significant experience in cybersecurity, with strong hands-on experience in access management and network security
5+ years of experience as a Splunk Engineer
2+ years of experience with Cribl Stream
Strong knowledge of search processing language (SPL)
Proficient in scripting languages (Python, Bash PowerShell) for automation and integration
Experience with Linux/Unix system administration
Experience working with and guiding technicians with varying skill levels and supporting end users remotely
Experience with security tools and technologies, like SIEM, IDS/IPS, and firewalls
Strong analytical and problem-solving skills, particularly in optimizing security workflows
Professional, customer-oriented, and even-keeled under pressure
Effective communicator at all levels, both written and verbal
These Qualifications Would be Nice to Have:
Splunk Certified Admin or Architect certification
Splunk Enterprise Security certification
Significant experience with Cribl LogStream and Cribl Edge
Knowledge of CI/CD pipelines and DevOps practices
Familiarity with other observability tools (Elasticsearch, Prometheus)
Knowledge of containerization technologies (Docker, Kubernetes)
Experience with large-scale, distributed systems
Full-time