SIEM Team – Splunk Systems Engineer - TS/SCI w/Poly

SIEM Team Splunk Systems Engineer

Deliver simple solutions to complex problems as a SIEM Team Splunk Systems Engineer at GDIT. Here, you’ll tailor cutting-edge solutions to the unique requirements of our clients.

With a career in application development, you’ll make the end user’s experience your priority and we’ll make your career growth ours.

At GDIT, people are our differentiator. As a SIEM Team Splunk Systems Engineer you will help ensure today is safe and tomorrow is smarter.

Our work depends on Systems Engineer joining our team.

The Digital Services SIEM Team requires an experienced Splunk System Administrator to system engineer to perform all aspects of Splunk Enterprise and ITSI administration, maintenance, and operation of global enterprise solution used for complex Splunk applications, dashboards and reports.

Duties include : monitoring Splunk infrastructure system health and data feeds; install, and configuration of Splunk Indexers, Forwarders, Deployment Servers and Search-Heads;

onboarding new data; supporting cybersecurity and operations teams and driving complex Splunk dashboard deployments / reports and working side by side with the customers to solve their unique problems across a variety of use cases

HOW A SYSTEMS ENGINEER WILL MAKE AN IMPACT

Ensure the Splunk infrastructure functions properly with PKI-based authentication, corporate authorization services, firewalls, and SSL / TLS communications.

Contribute to development and ongoing improvement of industry best practices and standards for maintaining data analytics enterprise technologies.

Assist with installing, testing, and deploying hotfixes / patches for Splunk app / product releases to manage enterprise vulnerabilities.

Assist with development of knowledge articles, documentation, and work instructions used by the Splunk, server, desktop and Information System Security teams, and Tier 2 / 3 Help Desk technicians.

WHAT YOU’LL NEED TO SUCCEED :

Education : Bachelor of Arts / Bachelor of Science

Required Experience : 2+ years of related experience

Security Clearance Level : TS / SCI w / Poly

Required Skills and Abilities : Experience managing user authentication within Splunk to include Role and Attribute Based Access Controls (RBAC ABAC), authentication with Lightweight Directory Access Protocol and Active Directory (LDAP AD), and managing access via HEC tokens is highly preferred.

Experience implementing and managing Apps within Splunk is highly preferred.

Preferred Skills : Experience reviewing network, host and firewall security logs, experience with using scripting languages such as CSS, HTML, JavaScript, Python, and shell scripting to automate tasks and manipulate data, experience managing integrations with technical add-ons with a relevant experience integrating DBConnect, Experience with Splunk Machine Learning Toolkit (MLTK), solid knowledge of RMF, Trellix ePO, NESSUS, SCAP, and vulnerability scanning is highly preferred, expert understanding in data analytics, Hadoop, MapReduce, visualization is a plus, programming experience PowerShell or Python is a plus, Experience using ServiceNow ticketing system, broad operations or development experience is a plus, Strong organization, communication, and collaboration skills and be customer-focused and results oriented.

Location : On Site

US Citizenship Required

40 hours / week; Day-shift, M-F work hours; available for after hours on call.

DoD Minimum : Security+ OR Network+ Certification

GDIT IS YOUR PLACE : K with company match

K with company match

Comprehensive health and wellness packages

Internal mobility team dedicated to helping you own your career

Professional growth opportunities including paid education and certifications

Cutting-edge technology you can learn from

GREENWAY

ITPolyMD