Posted 1 day ago
Secret
Mid Level Career (5+ yrs experience)
Unspecified
IT - Security
Remote/Hybrid•Alexandria, VA (Off-Site/Hybrid)
August Schell is seeking a Splunk / SIEM Engineer with advanced hands-on experience in designing, deploying, and maintaining large-scale Splunk environments. This role requires strong technical capabilities in troubleshooting complex system issues, creating custom dashboards, and managing Splunk clusters aligned with best practices. The candidate will support a Department of Defense customer from the Mark Center in Alexandria, VA (hybrid role).
Minimum Qualifications (Knowledge, Skills, and Abilities)
-Bachelor’s degree in computer science, Information Systems, Information Assurance or other relevant field.
-At least five (5) years of experience in Splunk administration or engineering roles
-Knowledge of Splunk architecture, deployment models, and indexing best practices
-At least ten (10) years of overall Cybersecurity experience.
-At least five (5) years of SIEM experience
-Experience with vulnerability scanning, STIGs, database tuning, and network virtualization technologies
-Proficiency in creating custom dashboards and advanced queries
-Must possess a valid DoD 8570 IAT-II certification (ex. Security+)
-Active Secret clearance required; must be willing and able to obtain Top Secret clearance.
-Strong problem-solving skills and ability to work independently or within a team
-Excellent written and verbal communication skills
Stand Out With
-DoD 8570 CSSP Analyst Certification desired
-Current Splunk Administrator or higher Certification
-Familiarity with DevOps and automation tools such as Ansible or Terraform
-Knowledge of compliance frameworks and reporting (RMF, NIST 800-53)
-Experience with Enterprise Security (ES) and/or ITSI modules within Splunk
-Experience with Elastic
-Familiarity with Linux and Windows server environments
Essential Duties and Responsibilities
-Deploy, configure, and maintain complex Splunk clusters across varied hardware platforms
-Develop and optimize advanced Splunk dashboards and queries to support mission-critical operations
-Troubleshoot and resolve issues within large-scale, complex Splunk environments
-Implement best practices for indexing, data transformation, and system architecture
-Collaborate with cybersecurity and network teams to integrate Splunk with enterprise monitoring solutions
-Support vulnerability and STIG scanning operations and interpret outputs for system compliance
-Manage virtual environments including VRFs and VLAN
-Perform system updates, patching, and ensure compliance with DoD cybersecurity requirements
-Document configurations and operational procedures for audit and continuity purposes
Minimum Qualifications (Knowledge, Skills, and Abilities)
-Bachelor’s degree in computer science, Information Systems, Information Assurance or other relevant field.
-At least five (5) years of experience in Splunk administration or engineering roles
-Knowledge of Splunk architecture, deployment models, and indexing best practices
-At least ten (10) years of overall Cybersecurity experience.
-At least five (5) years of SIEM experience
-Experience with vulnerability scanning, STIGs, database tuning, and network virtualization technologies
-Proficiency in creating custom dashboards and advanced queries
-Must possess a valid DoD 8570 IAT-II certification (ex. Security+)
-Active Secret clearance required; must be willing and able to obtain Top Secret clearance.
-Strong problem-solving skills and ability to work independently or within a team
-Excellent written and verbal communication skills
Stand Out With
-DoD 8570 CSSP Analyst Certification desired
-Current Splunk Administrator or higher Certification
-Familiarity with DevOps and automation tools such as Ansible or Terraform
-Knowledge of compliance frameworks and reporting (RMF, NIST 800-53)
-Experience with Enterprise Security (ES) and/or ITSI modules within Splunk
-Experience with Elastic
-Familiarity with Linux and Windows server environments
Essential Duties and Responsibilities
-Deploy, configure, and maintain complex Splunk clusters across varied hardware platforms
-Develop and optimize advanced Splunk dashboards and queries to support mission-critical operations
-Troubleshoot and resolve issues within large-scale, complex Splunk environments
-Implement best practices for indexing, data transformation, and system architecture
-Collaborate with cybersecurity and network teams to integrate Splunk with enterprise monitoring solutions
-Support vulnerability and STIG scanning operations and interpret outputs for system compliance
-Manage virtual environments including VRFs and VLAN
-Perform system updates, patching, and ensure compliance with DoD cybersecurity requirements
-Document configurations and operational procedures for audit and continuity purposes
group id: RTL73977
