Splunk Content Engineer

Blu Omega is seeking a Splunk Content Engineer to join a dynamic Security Operations Center (SOC) team where your expertise will be pivotal in shaping our organization's cybersecurity defense. You'll design, optimize, and maintain Splunk detection content, dashboards, and automation workflows that empower analysts to rapidly identify and respond to threats across diverse environments-including traditional IT, IoT, and OT systems. This role offers a unique opportunity to influence security operations in a rapidly evolving threat landscape, ensuring our organization stays one step ahead of cyber adversaries.

Work Location: Hybrid schedule

• 3 days onsite in Herndon, VA
• 2 days remote

Clearance Needed:

• Active Secret clearance required.

Responsibilities:

• Design, develop, and refine Splunk correlation searches, dashboards, and alerts focused on detecting cybersecurity threats across IT, IoT, and OT environments.
• Build automation workflows, investigative queries, and response playbooks that support efficient incident triage and response, with particular attention to IoT and OT protocols and behaviors.
• Collaborate closely with SOC analysts and engineers to minimize false positives, enhance alert accuracy, and continuously improve detection logic.
• Ensure detection content aligns with organizational security priorities, adapting to emerging threats and new operational environments.

Qualifications:

• Active Secret clearance.
• Hands-on experience developing, implementing, and managing Splunk correlation rules and security content.
• Demonstrated ability to design and implement event correlation logic within Splunk environments.
• Proven experience tuning correlation rules to reduce noise, false positives, and known errors.
• Experience maintaining event schemas and applying customized severity criteria within Splunk.
• Ability to create and maintain scheduled and ad hoc reports in Splunk.
• Strong understanding of Splunk architecture, data ingestion methods, including event collector deployment in Windows and Linux environments.
• Excellent written and verbal communication skills, capable of conveying technical concepts clearly to non-technical audiences.

Nice to Have:

• Familiarity with IoT and OT security protocols and behaviors.
• Experience with automation tools such as scripting in Python, PowerShell, or Bash.
• Knowledge of additional security information and event management (SIEM) platforms.
• Certifications such as Splunk Certified Enterprise Security Admin or SPLK-3001 are a plus.

Salary Range: $90K - $130K
Our final salary offer will be based on several factors, including depth of technical skills, work experience, education, certifications, and clearance

What Blu Omega Can Offer You:

• Competitive benefits including Health Insurance, 401K w/ match, Paid Time Off and more.
• Results driven culture that embrace our core values
• Rewarding work contributing to our Nation's mission critical programs

Blu Omega is a Woman Owned Small Business Federal Technology services firm headquartered in Washington DC and supporting clients nationally. We provide Technology solutions for enterprise and government customers. Our team has a past performance in a diverse range of programs including those for Data Management, Cloud/Infrastructure, Software Development and Enterprise Applications.

An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

#CJ