Washington, DC (On-Site/Office)
OVERVIEW:
A technical expert who manages and optimizes the Splunk environment, ensuring accurate log ingestion, dashboard development, and content creation to enable real-time detection and incident response.
GENERAL DUTIES:
- Maintain and optimize distributed Splunk architecture (indexers, forwarders, search heads).
- Design and develop dashboards, reports, and custom SPL queries.
- Create and manage Splunk knowledge objects (e.g., lookups, macros, tags).
- Integrate disparate data sources for real-time analysis and threat detection.
- Collaborate with TESIEMS and SOC teams for tuning detection content and workflows.
- Support patching, upgrades, and Splunk platform administration.
REQUIRED QUALIFICATIONS:
- 4-7 years of Splunk or SIEM experience.
- Strong knowledge of data normalization, log ingestion, and indexing pipelines.
- Experience with SOAR automation and Splunk content development.
- Degree requirements (if applicable): a bachelor's degree from an accredited institution in an area applicable to the position, such as Cybersecurity, Computer Science, Information Systems, or a related discipline.
- Three (3) years of additional experience may be substituted in lieu of a degree.
- Splunk certifications (e.g., Splunk Core Certified Power User, Splunk Certified Admin/Architect).
- Relevant certifications, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Cybersecurity Analyst+ (CySA+), are highly desirable.
CLEARANCE:
- Secret minimum