Splunk Security Engineer

00100 LEIDOS, INC.
Suitland, MD
$101.4K-$183.3K a year
Full-time

Are you looking for an exciting job opportunity that will allow you to use your skills and expertise to make a real difference?

The National Security Sector has just the role for you! We are seeking for a Splunk Security Engineer to join our team at the National Maritime Intelligence Center in Suitland, MD.

In this dynamic position, you will have the chance to work across projects and teams to provide support for the Office of Naval Intelligence's (ONI) Defense Cyber Operations mission.

Your daily activities will directly impact real-world operations and assist utilizing Security Information Event Management platforms to support threat detection, compliance, and security incident management through the collection and analysis (both near real-time and historical) of security events, as well as a wide variety of other event and contextual data sources.

Primary Responsibilities :

Analyze log events and other data across disparate sources; implement and leverage the latest operational capabilities (such as incident management, dashboards, and reporting);

as well as Security Orchestration, Automation, and Response (SOAR) in order to resolve anomalous activity in a prescribed, repeatable, and automated fashion.

Work with stakeholders directly to build, design, deliver, re-write, and maintain efficient, reusable, and reliable security automations using Splunk SOAR.

Create custom content and playbooks that interact with other tools / devices on the network to automate security response actions based on alerts / threats.

Configure, use and maintain a stack of deployed detection technologies; ticketing system integrations, SIEM integration (i.

e., Splunk Enterprise Security); Splunk Enterprise Security detections that use Risk-Based Alerting (RBA); deployment of common detection technologies across common control points, including endpoint, network, email and cloud;

stream of sources identified for threat intelligence integration; identity and access management tool deployment; API compatibility across existing technologies.

Be responsible for the lifecycle of an automation playbook, from requirements gathering and planning to design, testing, implementation, and maintenance.

Create detailed technical documentation pertaining to SOAR automations and collaborate with other internal teams as part of setting up SOAR integrations.

Basic Qualifications :

Bachelor's degree with 8+ years of experience or a Master's degree with 6+ years of experience. Additional years of experience, certifications or trainings may be considered in lieu of degree.

Active DoD TS / SCI clearance.

Current IAT Level II DoD Approved 8570-M Baseline Certification (e.g. Security+ce or equivalent) or the ability to obtain within 30 days from date of offer of acceptance.

5+ years of demonstrated experience in in Splunk Security Orchestration, Automation, and Response (SOAR) / Phantom, including developing playbooks, implementing integrations and troubleshooting.

Deep understanding of Splunk Administration (not just user knowledge).

Experience performing software integrations with Trellix, Cisco, Exchange, and Windows and Linux.

2+ years of hands-on experience using Splunk for both searching data and data analysis and for passing data to SOAR.

Hands-on knowledge of programming languages, APIs, and integrations to include strong programming skills in Python for automation.

Process improvement experience.

Preferred Qualifications :

Current IAT Level III DoD Approved 8570-M Baseline Certification (e.g. CISSP or equivalent).

Splunk Certified Enterprise Security Administrator.

Experience with modeling languages like UML for structure, behavior, and interaction diagrams.

Ability to use Jira and ServiceNow for ticket tracking.

Technical writing skills for creating Standard Operating Procedures (SOPs) and other supporting documentation.

Completion of both "Developing SOAR Playbooks and "Advanced SOAR Implementation Training courses from Splunk.

Experience in Security Operations Center (SOC) workflows and the processes for alert triage, defining incident investigation at varying levels of severity, capturing critical metrics to measure SOC effectiveness, evaluating lessons learned after critical incidents, leveraging metrics for operational improvement, use standard incident response methodologies.

Experience in integrating MITRE ATT&CK detection framework.

NITESONI

EIO2024

Original Posting Date :

2024-09-25

While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range :

Pay Range $101,400.00 - $183,300.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

30+ days ago
Related jobs
Promoted
Leidos Holding
Suitland-Silver Hill, Maryland

Splunk Enterprise Security); Splunk Enterprise Security detections that use Risk-Based Alerting (RBA); deployment of common detection technologies across common control points, including endpoint, network, email and cloud; stream of sources identified for threat intelligence integration; identity an...

BlueVoyant
Remote in the United States, MD, US
Remote

Security EngineerSplunk Enterprise Security Location: Remote in the United States US Citizenship required BlueVoyant is currently seeking an experienced Senior Security Engineer to join our Splunk Deployment Engineering Team. You will act as a lead engineer on large and enterprise sized SIEM...

00100 LEIDOS, INC.
Suitland-Silver Hill, Maryland

Splunk Enterprise Security); Splunk Enterprise Security detections that use Risk-Based Alerting (RBA); deployment of common detection technologies across common control points, including endpoint, network, email and cloud; stream of sources identified for threat intelligence integration; identity an...

Promoted
Reithorp Solutions
Bethesda, Maryland

Budget Formulation and Budget Execution Analysts. The Budget Execution Analyst is charged with navigating complex financial landscapes to optimize both financial and resource utilization. ...

Promoted
V2X
Suitland-Silver Hill, Maryland

We bring 120 years of successful mission support to improve security, streamline logistics, and enhance readiness. ...

Promoted
MITRE
Bethesda, Maryland

The R&D centers we operate for the government create lasting impact in fields as diverse as cybersecurity, healthcare, aviation, defense, and enterprise transformation. Within MITRE’s Intelligence Center the Strategy and Policy Department has the mission to enhance our sponsors’ policy formulation, ...

Promoted
Capital One
Clinton, Maryland

Center 2 (19050), United States of America, McLean, VirginiaSenior Software Engineer, DevOpsDo you love building and pioneering in the technology space? Do you enjoy solving complex business problems in a fast-paced, collaborative, inclusive, and iterative delivery environment? At Capital One, you'l...

Promoted
Office of The Chief Financial Officer
Maryland, MD, United States

Applying business process engineering concepts and methods sufficient to lead/conduct studies; designing and implementing solutions to maintain and enhance the security of OCFO information systems and networks including firewalls, Intrusion detection/prevention systems, port and VLAN level filtering...

Promoted
Navteca
Greenbelt, Maryland

We are seeking a skilled and passionate Senior Level DevOps Engineer, who is not just adept in software development but also experienced in taking projects from conception to production. Experience with open source tools for DevOps such as Grafana, telegraf, graylog, Loki, Prometheus, InfluxDB with ...

Promoted
Underground Administration
Washington D.C., Maryland, USA

Job Description: The DOJs National Security Division is looking for a Senior Network Security Engineer to plan coordinate and implement the organizations information security. Senior Network Security Engineer (Firewall/IPS) DOJ National Security Division. Develop and maintain network security doent...