We are seeking a skilled Splunk SIEM Engineer to lead the evolution of our Splunk environment into a fully operational, enterprise-grade Security Information and Event Management (SIEM) platform.
Requirements
- A SecurityX, CASP, or equivalent DoD 8140 IAT-3 certification is required.
- Security Clearance: An interim DoD Secret security clearance or higher is required to start.
- Hands-on experience with Splunk Enterprise and Splunk Enterprise Security (ES)
- Strong understanding of SIEM architecture, design, and operations
- Experience with log ingestion, parsing, normalization, and CIM mapping
- Proficiency in developing correlation searches, alerts, and dashboards
- Experience tuning SIEM content to reduce false positives and improve detection accuracy
- Familiarity with data onboarding strategies and license optimization
- Knowledge of cybersecurity principles, threat detection, and incident response
- Experience with system administration tasks including patching, upgrades, and performance monitoring
Benefits
- Competitive paid vacation package with 11 paid federal holidays
- High-quality, low-deductible healthcare plans
- Pet insurance
- Competitive 401K package
