Splunk Engineer - Active TS/SCI Required
ENS Solutions, LLC · College Park, MD · 3 mo ago
On-siteEngineeringFull-time
About the role
You will work with an expert team focused on implementing and operating next-generation security solutions for government and commercial clients. You'll use Splunk and integrate it with other state-of-the-art tools like HBSS, Enterprise Security Manager (ESM), Network Security Manager (NSM), NetFlow, and/or Intrusion Detection Systems (IDS) to monitor, detect, and analyze threats.
Responsibilities
- Perform hands-on evaluation, implementation, and operation of leading security Cyber defense tools and technologies
- Apply in-depth defense strategies for large and complex networks to rapidly identify vulnerabilities and threats
- Prioritize response actions, including developing effective countermeasures
- Support the risk management and security compliance of specified cyber security tools
- Apply thought leadership to solving complex security challenges in a highly collaborative and innovative work environment
Requirements
- 3+ years of experience utilizing Splunk Enterprise
- Experience with deploying, configuring, and performing functional testing and data validation in a Splunk environment
- Experience with Splunk performing systems administration, including performing installation, configuration, monitoring system performance and availability, upgrades, and troubleshooting in Windows and Linux Server environments
- Experience creating custom dashboards, writing queries and generating reports, and setting up alerts and notifications
- Familiarity with DoD Risk Management Framework
- Top Secret/SCI clearance with the ability to obtain a Counter-Intelligence polygraph
- HS diploma or GED and 7+ years of experience with supporting IT projects and activities, Associate's degree and 5+ years of experience with supporting IT projects and activities, or Bachelor's degree and 3+ years of experience with supporting IT projects and activities
- DoD 8570 IAT Level II Certification, including CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, or SSCP
- Ability to obtain a DoD 8570.01-M Cybersecurity Service Provider - Infrastructure Support Certification, including CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND Certification prior to start date
Qualifications
- Optional Qualifications: Ability to ingest and parse logs within Splunk, Experience with fields abstraction, Experience with data modeling using Splunk, Experience with workflows and drilldown query, Experience administering Splunk in distributed deployments, Experience with performing site surveys, data gathering, and research and analysis regarding deploying and implementing security tools, Splunk Certified Power User or other advanced Splunk Certification, Experience with DevSecOps and Elasticsearch, Logstash & Kibana (ELK)
Skills
- Excellent oral and written communication skills, including using presentation expertise to convey complex ideas to client and internal staff
- Excellent problem-solving skills
Benefits
- Essential Network Security (ENS) Solutions, LLC is a service-disabled veteran owned, highly regarded IT consulting and management firm
- Free Platinum-Level Medical/Dental/Vision coverage, 100% paid for by ENS
- 401k Contribution from Day 1
- PTO + 11 Paid Federal Holidays
- Long & Short Term Disability Insurance
- Group Term Life Insurance
- Tuition, Certification & Professional Development Assistance
- Workers' Compensation
- Relocation Assistance
Why ENS?
- Candidate AI Usage Policy: AI tools are an important part of daily work at ENS Solutions, and we are committed to their responsible and ethical use. To ensure a fair and equitable candidate evaluation based on individual skills, knowledge, and experience, candidates are not permitted to use artificial intelligence or other assistive tools during interviews, whether in person or virtual, unless explicit permission has been granted in advance.