Splunk Content Developer
About The Position
The Cyber Systems Engineer – Splunk Content Developer is responsible for designing, engineering, and enhancing advanced cybersecurity capabilities across a large-scale enterprise environment supporting DHS/FEMA missions. This role focuses on the development, administration, and optimization of security monitoring and detection capabilities, including the maintenance of cyber defense tools, strengthening network and endpoint security, and integrating security technologies within complex enterprise infrastructures. A key responsibility of this position is the development and tuning of custom detection content within the Splunk Security Information and Event Management (SIEM) platform using advanced Search Processing Language (SPL), data models, and related security analytics technologies. The engineer will create scalable, resilient, and automated security solutions that improve threat detection, reduce response times, and protect mission-critical assets.
Requirements
- Bachelor’s Degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field and 12+ years of experience or MS Degree and 10 years of experience
- At least eight (8) years of experience in incident detection and response, malware analysis, or cyber forensics
- Extensive experience working with various security methodologies and processes
- Advanced knowledge of TCP/IP protocols, experience configuring and implementing various technical security solutions, extensive experience providing analysis and trending of security log data from a large number of heterogeneous security devices
- Expert knowledge in two or more of the following areas related to cybersecurity: Vulnerability Assessment, Intrusion Prevention and Detection, Access Control and Authorization, Policy Enforcement, Application Security, Protocol Analysis, Firewall Management, Incident Response, Web-filtering, Advanced Threat Protection
- Experience developing advanced correlation rules utilizing data models for cyber threat detection
- Experienced with creating and maintaining Splunk knowledge objects
- Experienced managing and maintaining Splunk data models
- Experience creating regex for pattern matching
- Experience implementing security methodologies and SOC processes
- TS Clearance
Nice To Haves
- Experience with cloud (e.g. o365, Azure, AWS, etc) security monitoring and familiar with cloud threat landscape
- Completed Splunk Advance Searching and Reporting training
- Experience developing custom scripts using python
- Splunk certifications
Responsibilities
- Support and maintain advanced cyber tools and security capabilities across enterprise DHS/FEMA environments.
- Conduct deep-dive analysis and troubleshooting of complex endpoint security issues.
- Engineer permanent solutions using advanced diagnostic tools and methodologies.
- Develop and enforce security policies, compliance configurations, and hardened endpoint baselines.
- Engineer backup, redundancy, and disaster recovery strategies for endpoint security infrastructure.
- Develop innovative methods to improve operational efficiency, scalability, and cyber resilience.
- Produce detailed engineering documentation, system diagrams, and security reports.
- Provide technical guidance, mentorship, and specialized training to junior engineers and administrators.
- Support large-scale security exercises, vulnerability assessments, and readiness events.
Benefits
- competitive compensation
- Health and Wellness programs
- Income Protection
- Paid Leave
- Retirement
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
