Splunk Cyber Security Engineer

Booz Allen Hamilton, Tampa, FL

About The Position

The Opportunity: On our team, you will architect, develop, and operationalize software solutions and systems that perform cyber data analytics at scale in a variety of technology platforms. You'll apply specific functional knowledge, working or general industry knowledge to develop or contribute to developing solutions to a variety of problems of moderate scope and complexity. You will apply expertise to deliver the data management outcomes of the security analytics platform, with consideration for data architecture, design, and storage considerations, including database technology, efficient flows, mappings, and associated scripting or software development. You'll develop and deploy tools, technologies, and services that simplify the effort to discover, connect, transfer, store, and host data built upon sound data analytics principles to empower cyber teams. You'll provide data governance and engineer solutions that adhere to governance business rules.

Join us. The world can’t wait.

Requirements

  • 3+ years of experience utilizing Splunk Enterprise
  • Experience with deploying, configuring, and performing functional testing and data validation in a Splunk environment
  • Experience performing Splunk systems administration, including installation, configuration, monitoring of system performance and availability, upgrades, and troubleshooting in Windows and Linux Server environments
  • Experience creating custom dashboards, writing queries and generating reports, and setting up alerts and notifications
  • Active TS/SCI clearance; willingness to take a polygraph exam
  • Associate's degree and 5+ years of experience supporting IT projects and activities, Bachelor's degree and 3+ years of experience supporting IT projects and activities, or Master's degree and 1+ years of experience supporting IT projects and activities
  • Active DoD 8570.01-M Information Assurance Technician (IAT) Level II Certification, including Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND
  • Advanced Splunk Certification, such as Splunk Certified Power User or Splunk Enterprise Certified Architect
  • Ability to obtain a DoD 8570.01-M Cybersecurity Service Provider - Infrastructure Support Certification, including CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND Certification prior to start date

Nice To Haves

  • Experience with fields abstraction
  • Experience with data modeling using Splunk
  • Experience with workflows and drilldown queries
  • Experience administering Splunk in distributed deployments
  • Experience with performing site surveys, data gathering, and research and analysis regarding deploying and implementing security tools
  • Experience with DevSecOps and Elasticsearch, or Logstash & Kibana (ELK)
  • Knowledge of Cribl
  • Knowledge of DoD Risk Management Framework
  • Ability to ingest and parse logs within Splunk
  • Possession of excellent problem-solving skills and oral and written communication skills, including using presentation expertise to convey complex ideas to client and internal staff

Responsibilities

  • Architect, develop, and operationalize software solutions and systems that perform cyber data analytics at scale in a variety of technology platforms.
  • Apply expertise to deliver the data management outcomes of the security analytics platform, with consideration for data architecture, design, and storage considerations, including database technology, efficient flows, mappings, and associated scripting or software development.
  • Develop and deploy tools, technologies, and services that simplify the effort to discover, connect, transfer, store, and host data built upon sound data analytics principles to empower cyber teams.
  • Provide data governance and engineer solutions that adhere to governance business rules.

Benefits

  • Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care.
  • Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values.
  • Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen’s benefit programs.