Cybersecurity Engineer/Analyst- Splunk (Hybrid)

ASRC Federal NetCentric Technology is seeking a mid-level Cybersecurity Engineer Analyst - Splunk to support one of our federal government clients. The successful candidate MUST possess an active Secret Security Clearance and have experience supporting enterprise-wide log management, security event monitoring, and compliance initiatives utilizing the Splunk platform. The position is hybrid therefore requiring onsite presence 3-days a week at our main customer location in Alexandria, Virginia with travel up to 30% to Seaside, California as required.

Responsibilities:

• Log Source Validation & Compliance Alignment

• Ensure log review SOPs align with STIG and organizational requirements.
• Validate log generation, storage, and security configurations across systems.
• Confirm system clocks are synchronized to ZULU time for consistent timestamping.

• Log Review & Anomaly Detection

• Perform regular analysis of log data to identify anomalies, misconfigurations, or potential threats.
• Document findings and escalate suspicious activity to incident response teams.

• SIEM Integration & Data Feed Management

• Integrate DHRA and third-party data feeds into the Splunk SIEM platform.
• Deploy and maintain loggers, connectors, and event collectors to ensure data continuity.

• Alerting, Correlation & Use Case Development

• Develop and tune correlation rules, filters, and alerts to detect significant security events.
• Create and maintain use cases to support threat detection and compliance monitoring.

• System Maintenance & Component Deployment

• Deploy and upgrade Splunk components including ESM, SOAR, and UBA modules.
• Coordinate with IT operations and program managers for system modifications and downtimes.

• Log Retention, Rotation & Archival Oversight

• Monitor log rotation and archival processes to ensure compliance with retention policies.
• Conduct regular checks on storage capacity and automate log lifecycle management.

• Security Event Analysis & Trend Monitoring

• Conduct in-depth analysis of network, system, and application logs.
• Identify trends, detect intrusions, and support forensic investigations.

• Collaboration & Continuous Improvement

• Work with stakeholders to refine logging strategies and respond to audit findings.
• Recommend improvements based on policy changes, technology updates, and security needs.

Required Qualifications:

• Clearance:
• For candidates possessing a security clearance: An active Secret or above is required with the ability to obtain a Top Secret.
• For candidates not possessing a security clearance: Must be able to obtain an interim Secret clearance.
• This position requires the successful applicant to obtain and maintain the required security clearance or other authorization(s) within the necessary timeframe required by applicable contract(s).
• Active DoD 8570 IAT Level III certification (Security+ CE, CISSP, etc.)
• 5+ years in cybersecurity operations, with specific expertise in Splunk and UBA and SOAR technologies.

• This is a hybrid (3-days per week onsite) position in Alexandria, Virginia with travel up to 30% to Seaside, California as required.
• Ability to support Cybersecurity reviews, SOP development and maintenance including assisting in the generation of security artifacts, such as security plans, POA&M, and security CONOPS.
• Splunk Training and Certification :
  • Core Certified Power User (must have)
  • Splunk Enterprise Security Certified Admin
  • Splunk Certified Cybersecurity Defense Analyst Splunk
  • Splunk Certified Architect

Why ASRC?

As a wholly owned subsidiary of Arctic Slope Regional Corporation, an Alaska Native Corporation, we are inspired by the Iñupiat culture. We embrace stewardship and the idea of using every resource effectively; teamwork when striving to achieve goals and building a collaborative environment; integrity in adhering to high moral principles and professional standards; respect in welcoming and regarding the differing opinions, experiences, rights and traditions of others; accountability in that we meet our commitments and take responsibility for our results; and continuous improvement, always striving to make things better, raising the bar and staying humble.

Advantages of Working at ASRC Federal:

• Purpose-Driven Careers: Join a company recognized as a:

• Certified Great Place to Work

• Military Times' Best for Vets Employer

• Military.com's Top 25 Veteran Employer

• Comprehensive Benefits:

• Insurance Coverage: Comprehensive plans for medical, dental, vision, life insurance, and short-term/long-term disability

• Paid Leave: Inclusive policies for bereavement, military obligations, and parental needs, along with 11 paid holidays annually

• Retirement Savings: A 401(k) plan with a generous company match and immediate vesting to help secure your financial future

• Incentives: Employee referral bonuses to reward you for helping grow the ASRC Federal Family

• Learning and Development:

• After 90 days of employment, regular full-time employees are eligible for our professional development program. This includes annual funding for:

• Pursuing Associate's, Bachelor's, or Graduate Degrees

• Obtaining industry-standard professional certifications

• Participating in professional certificate programs

• Covering registration fees for professional conferences

• Centers of Excellence : We established the Centers of Excellence to build, leverage and grow our technological capabilities, best practices and offer professional development for our technical teams. They contain many Communities of Practice which are forums that offer a platform to share ideas, best practices, innovations, and to collaborate with technical peers.

Embark on a career with ASRC Federal, where your growth, purpose, and well-being are at the forefront of what we do!