Senior Cyber Security Engineer (Splunk)

CACI International, Chantilly, VA
About The Position

Join Our Dynamic Team and Make a Difference!

Are you a passionate and skilled Cyber Security Engineer with a knack for Splunk? We’re looking for a Senior Cyber Security Engineer (Splunk) to become a vital part of our team in Chantilly, VA. This is your chance to contribute to a mission-critical initiative and directly impact cybersecurity operations through the administration and engineering of a large enterprise Splunk environment.

Why You’ll Love This Role:

  • Impactful Work: Be at the forefront of cyber defense, supporting critical initiatives and enhancing our enterprise’s security posture.
  • Collaborative Environment: Work alongside talented technical teams and cyber analysts in a vibrant and dynamic setting.
  • Professional Growth: Leverage your expertise and continue to develop your skills in a challenging and rewarding environment.

Requirements

  • An active NRO TS/SCI with Poly.
  • Bachelor’s degree or 4+ additional years of cybersecurity experience in lieu of a degree.
  • 5+ years of experience in an enterprise and/or cybersecurity-focused environment.
  • Experience with Splunk administration and engineering.
  • Experience with Splunk Enterprise Security (ES) operations and configurations.
  • Proficiency with Unix and Windows environments.
  • DoD 8570 IAT Level II certification (e.g., Security+, CCNA-Security, GSEC).

Nice To Haves

  • Splunk certifications such as Architect, Consultant I/II, Admin, or Power User.
  • Experience with scripting or programming languages (e.g., Bash, Python, Java, Perl, .NET).
  • Familiarity with developing and deploying operational and security use cases within Splunk.

Responsibilities

  • Splunk Administration: Manage the day-to-day operations of large enterprise Splunk deployments.
  • Data Management: Troubleshoot data collection issues and ensure system stability and integrity.
  • System Maintenance: Deploy and maintain both supported and unsupported Splunk add-ons.
  • Upgrades and Patches: Execute Splunk Enterprise upgrades and apply necessary patches.
  • Configuration and Deployment: Configure and deploy Splunk forwarders using centralized management tools.
  • Security Enhancements: Maintain and tune Splunk Enterprise Security (ES) content and performance.
  • Knowledge Management: Manage knowledge objects, data models, dashboards, alerts, and operational content.
  • Integration Support: Support API integrations and external system connectivity.
  • Documentation: Develop and maintain detailed engineering and compliance documentation.
  • Collaboration: Work closely with cyber analysts and engineering teams to improve detection and response capabilities.
  • Compliance: Apply relevant security policies, standards, and technical guidelines to ensure compliance.
  • Access Controls: Enforce role-based access controls and operational security policies.

Benefits

  • Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits, and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.