Sr. Splunk Engineer – TS/SCI with FS Poly - Ft. Meade, MD

A Senior Engineer is an individual who can operate independently and will be entrusted with delivering success for Optiv + ClearShark’s customers to achieve predetermined goals aligned with a statement of work. To be successful in this role, a Level I/III Engineer will be expected to specialize in a capability aligned with Optiv + ClearShark’s service practices while also contemplating which future opportunities they would like to explore. They will be expected to execute all tasks provided in a statement of work in a timely fashion and to communicate any unexpected complexities that may arise to senior leadership. This individual may be the most senior engineer on a project and will be expected to assist Associate and Level I/II Engineers with tasking. Excellent communication skills are essential for this role, as these individuals will interact with clients regularly.

How you'll make an impact

• Maintain a master’s understanding of the chief technologies they will be responsible for.
• Have an advanced understanding of major technologies that will surround the chief technology in their environment.
• Lead a team of engineers in developing workflows focused on tackling complex issues in an effort to solve problems efficiently. When necessary, provide mentorships for Associate, Level I, and Level II Engineers who may require it.
• Spend 5% of their time focusing on developing corporate strategy, assisting with brand identity, and support operations.
• Spend 5% of their time focusing on training and fine-tuning skills.
• Spend 10% of their time managing the day-to-day operations of their team members and their respective career development efforts.
• Spend 80% of their time on engagement delivery.

Engagement Management

• Serve as a level of mentorship for Associate, Level I, and Level II Engineers
• Report any issues with the team to senior leadership, as well as any kudos or positive feedback.
• Execute all tasks outlined in the scope of work and follow standard operating procedures with no direct oversight. 
• Provide assistance for detailed view of notable events, workbook for open investigations, and risk analysis scoring system.
• Assist and recommend actions in security operations center tier I and tier II incident response incidents.
• Assist in ES tuning performance by editing, creating search language of searches to modify and reduce number of notables and removal of low value searches. Assist in configuration of correlation searches, dashboard searches, risk modifiers, threat intelligence feeds, workflow actions and Enterprise Security content.
• Automate issue resolution and compliance reporting to lower time on detection, time on mitigation for security organizations.
• Integrate Splunk Mission Control, Splunk Security Orchestration, Automation Response (SOAR), and/or other customer approved security product applications utilizing Enterprise Security.
• Utilize data thresholds, trend-based conditions and behavioral pattern recognition.

Client Engagement

• Develop and maintain strong relationships with clients to ensure satisfaction.
• Adhere to availability standards for responding to client inquiries.
• Lead the communication of technical concepts effectively to clients.
• Identify and communicate cross-sell and up-sell opportunities with the account team across services.

What we're looking for

• Active TS/SCI clearance with FSP required.
• Splunk Core Consultant Certification required.
• Splunk Enterprise Security accreditation required.
• Experience with, or interest in, learning, deploying, and maintaining Splunk SOAR.
• Security Certification (i.e, Security+, CISSP, etc) required.
• Experience operating in classified environments. 
• Bachelor’s degree in a related area or at least 8 years of related work experience.
• Robust understanding of identity, SIEM, cybersecurity, and infrastructure concepts.
• Strong Linux and scripting (Python, Ansible, Teraform, JSON, others.) experience.
• Ability to troubleshoot Splunk instances.
• Create custom Splunk reports, dashboards, and content per customer requirements.
• Strong understanding of governance and compliance, specifically with FAR, DFARs, CUI and CMMC. 
• Broad understanding of FedRAMP and IL constructs.
• Strong understanding of leadership concepts and ideas.
• Strong interpersonal skills and ability to work collaboratively in a team.
• Experience leading an engineering team, preferably having handled tasking, resolving personnel issues, and providing actionable feedback.
• Ability to clearly communicate complex messages to a variety of audiences.
• Excellent problem-solving skills with a keen attention to detail.
• Willingness to travel to meet client needs.

What you can expect from Optiv

• A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
• Work/life balance
• Professional training resources
• Creative problem-solving and the ability to tackle unique, complex projects
• Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
• The ability and technology necessary to productively work remotely/from home (where applicable)

EEO Statement

Optiv + ClearShark is an equal opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, status as an individual with a disability, veteran status, or any other basis protected by federal, state, or local law.

Optiv + ClearShark respects your privacy. By providing your information through this page or applying for a job at Optiv + ClearShark, you acknowledge that Optiv + ClearShark will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv + ClearShark’s selection and recruitment activities.  For additional details on how Optiv + ClearShark uses and protects your personal information in the application process, click here to view our Applicant Privacy Notice. If you sign up to receive notifications of job postings, you may unsubscribe at any time.