Splunk Engineer - Mid

We are an employee-centric company that truly appreciates our team members and their value to our customers and the missions they support. We pride ourselves on being forward-leaning thinkers and fostering teams that are and continue to be technically proficient and technically capable across a comprehensive range of cyber mission areas. OneZero full-time employees receive an extremely competitive benefits package that includes health/dental/vision/life insurance plans, 401K with company matching, PTO & paid holidays, employee referral program, and educational assistance. Additional details can be found on our website at: https://www.onezerollc.com/careers/

Position Title: Splunk Engineer-Mid

Location: Ashburn, VA

Clearance: Secret

Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations. The CBP SOC is responsible for the overall security of CBP Enterprise-wide information systems, and collects, investigates and reports any suspected and confirmed security violations.

The candidate should be familiar with recognizing and onboarding new data sources into Splunk, analyzing the data for anomalies and trends, and building dashboards highlighting the key trends of the data. The Splunk engineer should be familiar with a Linux environment, editing and maintaining Splunk configuration files and apps.

The Splunk engineer will work with other Cybersecurity Engineering team members and will be required to interact with end users to gather requirements, perform troubleshooting, and provide assistance with the creation of Splunk search queries and dashboards. The Splunk engineer will be required interact with senior management, as necessary.

Qualifications:

Applicants must be a US citizen. Department of Homeland Security CBP SOC employees are required to have or be able to favorably pass a 5-year (BI) Background Investigation.

Candidate must possess:
- 4+ years of experience in a senior Splunk role
- 3+ Years experience in Linux and SQL/ODBC interfaces
- 2+ Years experience in app interface development, using REST API's
- Previous project management experience.
- ITIL Change & Configuration Management
- Experience with Ansible and GIT

The candidate should be familiar with recognizing and onboarding new data sources into Splunk, analyzing the data for anomalies and trends, and building dashboards highlighting the key trends of the data. The Senior Splunk Engineer should be familiar with a Linux environment, editing and maintaining Splunk configuration files and apps.
The Senior Splunk Engineer will work with other Cybersecurity Engineering team members and will be required to interact with end users to gather requirements, perform troubleshooting, and provide assistance with the creation of Splunk search queries and dashboards. The Senior Splunk Engineer will be required interact with senior management, as necessary.

Required Certifications:

CCIE Security
Cisco Certified Network Professional (CCNP)
CCNP Security
CCSP - Certified Cloud Security Professional
CEH - Certified Ethical Hacker
Certified Data Administrator Professional
Certified Implementation Engineer Specialist
Splunk Administrator
Splunk Certified Architect
Certified Storage Associate
CISSP - Certified Information Systems Security
CompTIA Advanced Security Practitioner (CASP)
Converged Infrastructure Specialist
CSSLP - Certified Secure Software Lifecycle Professional
ECSP - EC-Council Certified Secure Programmer
GCIH - Incident Handler
GCWN - Windows Security Administrator
GICSP -Cyber Security Professional
GISF - Security Fundamentals
GISP - Security Professional
GSSP - Secure Software Programmer
MCSE - Microsoft Certified Solutions Expert (Server)
RHCA
RHCE
SEI (Software Engineering Institute)
SSCP - Systems Security Certified Practitioner
VCA (Certified Associate)
VCAP (Certified Advanced Professional)
VCDX (Certified Design Expert)
VCIX (Implementation Expert)
VCP (Certified Professional)

Education:

Minimum of a bachelor's degree coupled with 7+ years' experience in the Information Technology arena.

OneZero Solutions is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.