Step into a mission-driven cybersecurity role where your expertise directly strengthens the security, resilience, and intelligence of an enterprise-scale environment. We’re looking for a Senior Cyber Security Engineer who is passionate about protecting critical systems, solving complex technical challenges, and building high‑performance data collection and monitoring capabilities that empower smarter decision-making.

Responsibilities:

• Troubleshoot and resolve new or existing data collection issues to ensure accurate, reliable ingestion of security‑relevant data.

• Diagnose and remediate system issues affecting stability, performance, and overall usability.

• Deploy, manage, and maintain both supported and unsupported Splunk Add‑ons across diverse data sources.

• Develop and maintain detailed documentation, including BOE artifacts, engineering documentation, change management records, system security plans, and accreditation materials.

• Deliver comprehensive Splunk deployment documentation outlining specifications, deployment strategies, and architectural considerations for production environments.

• Implement and uphold strict role‑based access controls to ensure data is shared only on a validated need‑to‑know basis.

• Design and deploy Splunk forwarders using centralized configuration management via the Splunk Deployment Server, enabling rapid and consistent deployments.

Qualifications:

Required:

• An active TS/SCI with Polygraph is required.

• Bachelor’s degree, or 4+ years of additional cybersecurity experience in lieu of a degree.

• 5+ years in a cybersecurity-focused role.

• Hands-on experience with SIEM platforms and/or Splunk.

• Strong understanding of Linux administration, operating system security best practices, TCP/IP networking, and network security fundamentals.

• Familiarity with Certification & Accreditation (C&A) processes.

• Working knowledge of DoD policies and technical security guidelines for information systems.

• DoD Directive 8570.1 IAT Level II or higher certification (or ability to obtain within 6 months).

• Active Splunk certification.

Desired:

• Experience with Red Hat, CentOS, or similar Linux distributions.

• Exposure to AWS or other cloud platforms.

• Knowledge of ICS 500‑27 audit collection requirements.

• Familiarity with Enterprise Security Services, Host-Based Security Services, Enterprise Vulnerability Scanning Services, and User Activity Monitoring (UAM).

• Ability to tailor data feed creation to ensure logs are standardized according to policy and compliance standards.

Physical Requirements:

• Ability to remain in a stationary position approximately 50% of the time.

• Occasional movement within the office to access equipment or collaborate with colleagues via meetings, presentations, or communication tools.