Security Engineer (Splunk)

Job Description

Job Description

Security Engineer – Splunk

Location: Fayetteville, NC (on-site)

Position Summary: SOFtact Solutions is seeking a Security Engineer to help design and implement solutions that support IT operations. The Security Engineer will manage security tech, including Splunk Enterprise Security (ES), and focus on maintaining and monitoring a large, distributed Splunk deployment. You will help guide the technical direction of our Splunk setup and integrate data feeds. The candidate must have solid Splunk experience who can collaborate with a diverse team and work with end users across different locations.

Company Overview: STS is a Woman Owned Small Business (WOSB) that carries a passion for problem-solving in support of today’s warfighters and government entities by providing Strategic Advisory and Program Management, C5ISR Enterprise Architecture and Design, Cybersecurity, IT Services, and ServiceNow Solutions. Committed to innovation and excellence, STS integrates high-end engineering services to deliver cost-effective, nonproprietary software systems across mission-critical operations.

Key Responsibilities:

• Provides technical/management leadership on major tasks or technology assignments.
• Leads integration effort between all customer defined Security Operations Center tools with the Splunk Security Information and Event Management (SIEM) platform.
• Performs technical troubleshoot efforts in support of customer resources for complete network environments to identify and inform relevant parties of network or security configuration issues for SIEM data collection
• Responsible for SIEM security design review and recommendations, technical data gathering, security and policy review and configuration, security device implementation planning, configuration and implementation of security products, and technical quality assurance
• Designs, architects, and implements Splunk solutions in support of cyber-security and IT operations and data scientists
• Expected to demonstrate security related knowledge and skills, and good interpersonal and coordination skills
• Create custom parsers and correlation rules for alerting security personal to potential security incidents
• Research cyber security related emerging trends
• Provide experience architecting and managing Splunk Core and Splunk ES
• Assist in managing TAs, source types and data formats, search, index clustering, Splunk ES and data models, upgrades, etc
• Serve as a Subject Matter Expert (SME) for improvements, implementation, administration, and operations to Cybersecurity systems
• Your primary work location will be the vicinity of Fort Bragg, NC, with travel as required, and locations as directed by senior management from STS

Qualifications:

• Bachelor’s degree in a STEM-related field (preferred), or equivalent work experience
• Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information
• May ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure
• Ability to analyze data, identify trends, and make informed decisions
• May respond to computer security breaches and viruses
• Proficiency in resolving complex problems and adapting to changing circumstances

Required Skills

• DoD 8570 Certification in the IAT Level III and/or CNDSP tier or obtain within six months.
• Splunk Enterprise Security experience, including administration and integration with backend systems
• Experience with incident response, investigation, and incident handling
• Knowledge of network security zones, firewall, and IDS
• Knowledge of log formats for syslog, logs, and DB logs
• Knowledge of enterprise endpoint security products: McAfee e-Policy Orchestrator, Cylance, Microsoft Defender, etc
• Knowledge of network security tools and appliances: Cisco ISE, Palo Alto NextGen Firewalls, Blue Coat, etc
• Knowledge of Linux platforms
• Log debugging within the Splunk infrastructure and from remote sources i.e. syslog-ng, Windows, RHEL, networking devices, etc. to ensure data accuracy
• Development of tailored Splunk reports, dashboards, alerts, and advanced queries

Preferred Skills

• 2+ years of experience supporting cloud computing environments: AWS, Azure, GCP, etc. (Preferred) Experience with other big data analytics solutions: Elastic, Palantir, ArcSight, etc. (Preferred)

Clearance:

• Top Secret; with eligibility to obtain SCI (Applicants will be subject to security investigations and will have to meet eligibility requirements for classified information)

Equal Opportunity Employer: SOFtact Solutions is an equal opportunity and affirmative action employer. We consider applicants without regard to race, color, religion, creed, gender, national origin, age, disability, genetic information, marital or veteran status, or any other category protected by federal, state, or local law.