Security Splunk Architect/Engineer
Washington, District of Columbia, United States
Full Time Senior-level / Expert Clearance required USD 75K - 140K *
Node.Digital
Market leader in Digital Transformation & Automation using Artificial Intelligence and Machine LearningSecurity Splunk Architect/Engineer
Location: Washington DC metro area (Hybrid)
Must have an active Secret OR Top Secret Clearance
We are seeking a Security Splunk Architect/Engineer to support a Navy enterprise network within the Engineering and Cyber Divisions. The candidate's primary responsibility is to maintain and enhance the existing Splunk infrastructure in the enterprise. Further projects will involve the implementation of Splunk Enterprise Security (ES) and Security Orchestration, Automation, and Response (SOAR) and other vendor solutions.
- Implements, tests, and operates advanced software security techniques in compliance with technical reference architecture.
- Performs on-going security testing and code review to improve software security.
- Troubleshoots and debugs issues that arise.
- Provides engineering designs for new software solutions to help mitigate security vulnerabilities.
- Contributes to all levels of the architecture and maintains technical documentation.
- Consults team members on secure coding practices. Develops a familiarity with new tools and best practices.
- Designing, implementing, and maintaining SIEM and SOAR solutions.
- Design and implement threat detection, automate incident response processes, integration of various security tools with SIEM and SOAR platforms via APIs
- Maintain SIEM applications to collect and aggregate IDS and IPS data from network sensors, raw data from collection agents, firewalls, proxy servers, DLP, antivirus, vulnerability scanner elements, and other security-relevant devices.
- Utilize expertise in Splunk "Search" language, Splunk Dashboards, Reports, Lookup Tables, and Summary Indexes. Build Splunk dashboards that take inputs from various data sources such as application logs / operating system logs / middleware logs / network feeds etc. and identify / highlight anomalous activities on the dashboards by their severity levels.
- Perform troubleshooting and provide assistance with the creation of Splunk search queries and dashboards.
Requirements
Qualifications
- Requires a BA or BS (Cyber Security, Computer Science, Information Systems, Software Engineering, Computer Engineering, or related field); relevant experience may be a substitute for education.
- Requires at least five (5) years of professional experience
- Requires an active Secret OR TS/SCI
- Requires experience with importing data in Splunk from various sources: endpoint security, network security (Firewalls, IPS/IDS, DNS, Proxy, etc.), data and application security, cloud security, and technologies
- Requires experience with performing systems administration, including performing installation, configuration, monitoring system performance and availability, upgrades, and troubleshooting of Splunk
- Requires experience with designing, implementing, configuring, operating, or testing IT systems or security infrastructure
- Requires experience building dashboards highlighting the key trends of the data
- Requires proficiency within a Windows and Linux environment, editing and maintaining Splunk configuration files and apps
- Experience in working in a Splunk clustered environment supporting SOC or NOC environment required
- Experience with virtualization technologies required
Preferred Certifications:
- Splunk Architect, Splunk Admin
- DoD 8570 Level 3 Certification
Company Overview:
Node.Digital is an independent Digital Automation & Cognitive Engineering company that integrates best-of-breed technologies to accelerate business impact.
Our Core Values help us in our mission. They include:
OUR CORE VALUES
Identifying the~RIGHT PEOPLE~and developing them to their full capabilities
Our customer’s “Mission” is our “Mission”. Our~MISSION FIRST~approach is designed to keep our customers fully engaged while becoming their trusted partner
We believe in~SIMPLIFYING~complex problems with a relentless focus on agile delivery excellence
Our mantra is “~Simple*Secure*Speed~” in the delivery of innovative services and solutions
Benefits
We are proud to offer competitive compensation and benefits packages to include:
- Medical
- Dental
- Vision
- Basic Life
- Long-Term Disability
- Health Saving Account
- 401K
- Three weeks of PTO
- 10 Paid Holidays
- Pre-Approved Online Training
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Antivirus APIs Application security Automation Clearance Cloud Compliance Computer Science DNS DoD DoDD 8570 Endpoint security Firewalls IDS Incident response IPS Linux Monitoring Network security SIEM SOAR SOC Splunk Threat detection Top Secret Top Secret Clearance TS/SCI Vulnerabilities Windows
Perks/benefits: Competitive pay Health care Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Officer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Manager Pentest H/F jobs
- Open Staff Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Security Operations Analyst jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Java-related jobs
- Open Forensics-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open DevOps-related jobs
- Open EDR-related jobs
- Open DoD-related jobs