Splunk Security Engineer

Quantum Science Solutions

Posted today

Job Requirements

Reston, VA
Top Secret/SCI Polygraph not specified
Senior Level Career (10+ yrs experience)
Salary not specified

Job Description

Job Title: Splunk Security Engineer
Location: Reston, VA
Clearance: Active TS/SCI with Polygraph Required
Company: Quantum Science Solutions (QSS)
Compensation: Open Rate

Position Overview
Quantum Science Solutions (QSS) supports mission-critical cybersecurity operations for customers within the IC. We are seeking an experienced Splunk Security Engineer to design, implement, and optimize enterprise-scale Splunk environments supporting classified cyber defense operations.
The Splunk Security Engineer will serve as a technical leader responsible for engineering and maintaining Splunk Enterprise and Splunk Enterprise Security (ES) environments, integrating enterprise log sources, enhancing threat detection capabilities, and supporting Security Operations Center (SOC) missions. This individual will work closely with cybersecurity engineers, system administrators, cloud engineers, and mission stakeholders to improve security visibility, automate operational processes, and ensure compliance with federal cybersecurity standards across highly secure government environments.

Key Responsibilities
• Design, deploy, administer, and optimize enterprise-scale distributed Splunk Enterprise and Splunk Enterprise Security (ES) environments.
• Integrate enterprise log sources including operating systems, network devices, cloud platforms, applications, databases, and security tools using Universal Forwarders, APIs, and Syslog.
• Develop custom dashboards, reports, visualizations, alerts, and correlation searches supporting threat hunting, incident response, governance, and executive reporting.
• Configure and maintain Splunk Common Information Model (CIM), field extractions, event types, tags, macros, and knowledge objects to improve data normalization and search accuracy.
• Optimize search performance, indexing, storage utilization, and distributed Splunk architecture to improve operational efficiency.
• Automate Splunk engineering, deployment, administration, and onboarding activities using Python, Bash, Ansible, reusable scripts, and YAML-based configurations.
• Onboard new enterprise data sources while developing standardized ingestion and automation processes.
• Support Security Operations Center (SOC) missions through advanced log analytics, SIEM engineering, and detection content development.
• Support Incident Response (IR), digital forensics, and cyber threat detection through advanced security monitoring and log analysis.
• Assist with implementation of Zero Trust Architecture (ZTA), Continuous Monitoring (ConMon), Risk Management Framework (RMF), and ICD 503 security requirements.
• Develop and maintain cybersecurity documentation including System Security Plans (SSPs), Security Assessment Reports (SARs), Plans of Action & Milestones (POA&Ms), and other Assessment & Authorization (A&A) artifacts.
• Provide technical guidance regarding Splunk architecture, SIEM tuning, cyber policy compliance, and Authorization to Operate (ATO) sustainment.
• Produce engineering documentation, configuration guides, standard operating procedures, and change management documentation.
• Ensure compliance with NIST 800-53, CNSSI 1253, ICD 503, and DoD STIG security requirements.
• Collaborate with cross-functional engineering teams to support secure enterprise cybersecurity operations and mission objectives.

Mandatory Skills
• U.S. Citizenship
• Active TS/SCI Clearance with Polygraph
• 10+ years of cybersecurity experience supporting secure government or Intelligence Community environments
• Minimum 5 years of hands-on Splunk engineering experience supporting classified environments
• Extensive experience administering: Splunk Enterprise, Splunk Enterprise Security (ES), Distributed Splunk environments, Splunk clustering, Common Information Model (CIM)
• Experience integrating enterprise log sources across infrastructure, cloud, network, application, and security platforms.
• Strong experience developing dashboards, searches, alerts, correlation rules, and security visualizations.
• Experience optimizing Splunk search performance and indexing architecture.
• Proficiency with Linux operating systems and Linux command-line administration.
• Experience with Python and Bash scripting.
• Experience supporting Incident Response, Threat Hunting, Digital Forensics, or Security Operations Center (SOC) environments.
• Knowledge of: NIST 800-53, RMF, ICD 503, Continuous Monitoring (ConMon), Zero Trust Architecture
• Experience supporting AWS, GovCloud, C2S, VMware, or other secure cloud environments.
• Excellent written and verbal communication skills with the ability to communicate effectively with technical teams and government stakeholders.

Preferred Skills
• Splunk Certified Power User
• Splunk Certified Administrator
• Splunk Enterprise Security Certified Administrator
• Experience with infrastructure automation using Ansible, Terraform, or Jenkins.
• Experience integrating threat intelligence feeds into Splunk.
• Experience developing advanced correlation searches and detection content.
• Experience supporting DHS, ODNI, or other Intelligence Community organizations.
• Experience with DevSecOps practices and Infrastructure as Code (IaC).
• Familiarity with multi-tenant enterprise cybersecurity environments.

Education
Bachelor's degree in Computer Science, Cybersecurity, Information Technology, Information Systems, Engineering, or a related technical discipline.
OR
High School Diploma with equivalent directly related cybersecurity and Splunk engineering experience.

Desired Certifications
• CISSP, Security+, AWS Certification

Why QSS?
At QSS, you'll support mission-critical cybersecurity operations protecting government systems and critical infrastructure from evolving cyber threats while working alongside experienced cybersecurity professionals.
About Us
Quantum Science Solutions is traditional in the sense that it was built with core foundations based on honesty and integrity. We take great pride in all of our efforts and projects, and we are proud to serve the front lines of cyber defense. We challenge our team members frequently and thrive on the motto “One for all, all for one”. Here at QSS, we invite individuals who think outside of the box and are mentally stimulated by complex problems in the fast-paced world of cyber and technology. Our collaborative work environment allows you to think freely and develop ironclad solutions for our customers. At QSS, your ideas and designs are not only heard but are recognized and rewarded. We support you and will provide you with the resources needed to fuel innovations and creativity. Imagine you are working on a cyber integration concept and it turns into a fully funded project by a federal agency. Join the QSS team where, rather than making a difference, we are the difference.

Job Category
IT - Security
Clearance Level
Top Secret/SCI