About The Position

The Cyber Security Analyst IV serves as the technical authority for SIEM architecture, development and automation. This role is responsible for building advanced correlation rules, dashboards and integrations that enhance our ability to detect, investigate and respond to evolving cybersecurity threats. Collaborating with stakeholders across security operations, IT and compliance, this position will ensure that Splunk Enterprise Security (ES) capabilities align with enterprise monitoring needs, federal cybersecurity requirements and best-practice engineering standards.

Requirements

  • Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or related field.
  • At least eight (8) years of progressive experience in IT or cybersecurity, including at least five (5) years specializing in Splunk Enterprise and Splunk ES engineering.
  • Ability to pass a background and drug screening.
  • Must have identification compliant with the REAL ID Act at time of hire.
  • Must be able to obtain Department of Energy access badge.
  • Must be able to obtain and maintain a U.S. government security clearance.

Nice To Haves

  • Splunk certifications such as Enterprise Certified Architect, ES Certified Admin or Certified Developer.
  • Experience with Python scripting or API integrations to automate Splunk functions.
  • Hands-on experience with SOAR platforms (Cortex XSOAR, Splunk SOAR (formerly Phantom), or similar).
  • Prior experience supporting cybersecurity operations in a federal or highly regulated environment.

Responsibilities

  • Design, develop and maintain advanced dashboards, correlation searches and reports that deliver actionable visibility into security events and risks.
  • Engineer scalable data ingestion pipelines, optimize search performance and maintain Common Information Model (CIM) compliance.
  • Onboard, parse and normalize log data from diverse security tools, endpoints and cloud environments.
  • Develop scripts and playbooks leveraging SOAR capabilities to streamline response processes and improve operational efficiency.
  • Partner with SOC, IR and infrastructure teams to understand mission needs and deliver tailored Splunk solutions.
  • Conduct platform health checks, capacity planning and tuning to maintain high performance and reliability.
  • Develop and maintain detailed technical documentation for Splunk configurations, workflows and integrations.
  • Ensure all Splunk engineering and development efforts adhere to FISMA, NIST SP 800-53 and other applicable federal cybersecurity guidelines.
  • Provide guidance and mentorship to junior analysts, fostering skill growth and consistent engineering practices.
  • Stay current with emerging Splunk features, industry trends and threat intelligence to inform proactive enhancements.
  • Perform other duties as appropriate and as assigned.

Benefits

  • Paid holidays
  • Paid time off
  • 401k with employer match
  • Dental insurance
  • Vision insurance
  • Health insurance plans through the Federal Employee Health Benefits (FEHB) program
  • Life and disability benefits
© 2024 Teal Labs, Inc