Senior Security Engineer - Splunk
About The Position
UltraViolet Cyber is a leading platform-enabled unified security operations company providing a comprehensive suite of security operations solutions. Founded and operated by security practitioners with decades of experience, the UltraViolet Cyber security-as-code platform combines technology innovation and human expertise to make advanced real-time cybersecurity accessible for all organizations by eliminating risks of separate red and blue teams. By creating continuously optimized identification, detection, and resilience from todayâs dynamic threat landscape, UltraViolet Cyber provides both managed and custom-tailored unified security operations solutions to the Fortune 500, Federal Government, and Commercial clients. UltraViolet Cyber is headquartered in McLean, Virginia, with global offices across the U.S. and in India. Our Federal Delivery team is seeking a Senior Security Engineer specializing in Splunk to enhance our security monitoring, detection, and response capabilities within federal government environments. This role will be responsible for designing, implementing, and optimizing Splunk deployments to support advanced threat detection, security analytics, and compliance monitoring across critical infrastructure.
Requirements
- Bachelor's degree in Cybersecurity, Information Security, or related field
- 7+ years of security engineering experience with 3+ years of advanced Splunk implementation
- Splunk Certified Architect or Splunk Certified Enterprise Security Admin certification
- Experience designing and implementing Splunk Enterprise Security in large environments, along with Cribl
- Strong knowledge of SPL query language and advanced search techniques
- Experience creating custom Splunk dashboards, reports, and visualizations
- Demonstrated expertise in security monitoring and SIEM technology
- Experience implementing security controls per NIST SP 800-53 requirements
- Proficiency with Splunk administration and performance tuning
Nice To Haves
- Experience supporting federal agency security operations centers
- Splunk and Cribl certifications highly desired
- Additional security certifications (CISSP, GCIA, GCIH, Security+)
- Experience with Splunk implementations
- Background in security architecture for government networks
- Knowledge of CISA directives and CDM program requirements
- Experience with cloud security monitoring using Splunk and Cribl
- Familiarity with Zero Trust architecture implementation
Responsibilities
- Design and implement Splunk Enterprise Security for large-scal enterprise network environment
- Provide O&M support of large Cribl Deployment
- Develop custom Splunk apps, dashboards, and reports to enhance security visibility
- Create and optimize complex SPL queries for threat detection and security analytics
- Integrate Splunk with other security tools to build a comprehensive security monitoring ecosystem
- Design and maintain Splunk data models to support security use cases and compliance reporting
- Develop custom threat detection rules and correlation searches in Splunk
- Configure and tune Splunk alerts to reduce false positives and enhance detection efficacy
- Support compliance reporting for FISMA, RMF, and other federal requirements
- Provide technical expertise during security incidents and coordinate response activities
Benefits
- 401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed
- Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment)
- Group Term Life, Short-Term Disability, Long-Term Disability
- Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness
- Participation in the Discretionary Time Off (DTO) Program
- 11 Paid Holidays Annually
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
