Senior Security Engineer - Splunk

Overview:

Senior Security Engineer - Splunk

Remote | US Based

US Citizenship - Clearable; Ability to obtain a Public Trust

Summary

Our client is an employee and Service-Disabled, Veteran-owned Small Business focused on providing niche technical services. They are a team of experienced cybersecurity professionals with a track record of success in the Federal, Commercial, and Academic workspaces. Additionally, our client designs, builds, operates, and secures scalable cloud and IT infrastructures to meet their customers’ near-term needs and fulfill their long-term requirements.

Responsibilities

Our client is seeking a Senior Security Engineer specializing in Splunk to join their team. The role involves developing and implementing Splunk security solutions that align with the organization’s security strategy. The Senior Security Engineer will leverage market insights and technology trends to provide cutting-edge solutions. You will be responsible for applying technical expertise and industry knowledge to solve complex security challenges. Additionally, you may mentor or supervise team members, providing guidance and leadership when required.

• Design, develop, and enhance cyber systems through system integration
• Develop and implement security solutions using Splunk, aligned with the overall security strategy
• Maintain and update Splunk operations, ensuring the platform meets the organization’s security needs
• Create both scheduled and ad-hoc reports using Splunk
• Perform extraction, transformation, and loading of data, utilizing SPL and Regex
• Build and implement event correlation rules and logic within the Splunk platform
• Maintain an event schema with customized security severity criteria
• Provide guidance and support to team members on complex technical security challenges
• Stay current on market trends and new technologies to deliver innovative security solutions

Requirements

• 10+ years of experience with system integration, including design, development, and enhancement of cyber systems
• 4+ years of experience with Splunk operations and maintenance
• Experience maintaining an event schema with customized security severity criteria
• Experience creating reports, both scheduled and ad-hoc, within Splunk
• Expertise in extraction, transformation, and loading of data, including the use of SPL and Regex
• Knowledge of SIEM technologies and event collection in Windows and Linux environments
• Ability to build and implement event correlation rules and content within Splunk

Preferred Requirements

• Experience with cloud-based Splunk deployments
• Experience supporting a Security Operations Center’s Splunk deployment
• Prior experience as a security engineer or analyst
• Ability to tune SIEM event correlation rules to filter out known network behaviors, false positives, or errors
• Excellent oral and written communication skills, with the ability to explain technical concepts to non-technical audiences
• Strong problem-solving skills
• A BA or BS degree in Science, Technology, Engineering, or Mathematics (STEM) is preferred
• A Splunk Architect-level certification or higher is preferred

Education/Certification Requirements

• A BA or BS degree is required

Clearance Requirements

• Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Applicants must be able to pass an enhanced background check.