Top Secret/SCI
Norfolk, VA (On-Site/Office)
Splunk Enterprise Security (ES) Consultant
Overview:
We are seeking an experienced Splunk Enterprise Security (ES) Consultant to support a Department of Defense (DoD) customer in the Suffolk/Norfolk, VA area. The ideal candidate will possess deep expertise in Splunk Enterprise Security, with a strong understanding of Security Operations, event correlation, and data analytics. This role requires both hands-on implementation and advisory skills to enhance the customer's security posture through proactive monitoring, threat detection, and automation.
Key Responsibilities:
- Deploy, configure, and maintain Splunk Enterprise Security (ES) environments.
- Develop, customize, and optimize correlation searches, dashboards, and reports.
- Integrate and normalize data sources across multiple environments to enhance visibility.
- Support SOAR (Security Orchestration, Automation, and Response) use cases and playbook development.
- Collaborate with cybersecurity, infrastructure, and operations teams to ensure compliance with DoD security policies.
- Conduct tuning, health checks, and performance optimization of Splunk environments.
- Provide documentation, knowledge transfer, and recommendations to enhance ongoing operations.
Required Qualifications:
- Active TS/SCI clearance.
- U.S. Citizenship.
- Splunk Core Certified Consultant certification.
- Splunk Accredited Enterprise Security (ES) Implementation certification.
- 5+ years of experience supporting cybersecurity or SIEM initiatives, with at least 3 years focused on Splunk ES.
- Experience developing custom dashboards, correlation searches, and integrating with SOAR platforms.
- Strong understanding of DoD cybersecurity frameworks and incident response processes.
Preferred Qualifications:
- Prior experience supporting DoD or intelligence community customers.
- Familiarity with Splunk SOAR (formerly Phantom).
- Ability to obtain Splunk SOAR certification within 6 months of onboarding.