Splunk Architect/Engineer - Senior (w/ active TS/SCI)Location: Annapolis Junction, MD
Clearance: Active Top Secret/SCI
Full-time/ On-site
JOB DESCRIPTIONCritical Solutions is seeking a Security Splunk Architect/Engineer to support a federal program in Annapolis Junction, MD. The Security Splunk Architect/Engineer's primary responsibility is to maintain and enhance the existing Splunk infrastructure in the enterprise. Further projects will involve the implementation of Splunk Enterprise Security (ES) and Security Orchestration, Automation, and Response (SOAR) and other vendor solutions.
PRIMARY ROLES AND RESPONSIBILITIES:
- Implements, tests, and operates advanced software security techniques in compliance with technical reference architecture.
- Performs on-going security testing and code review to improve software security.
- Troubleshoots and debugs issues that arise.
- Provides engineering designs for new software solutions to help mitigate security vulnerabilities.
- Contributes to all levels of the architecture and maintains technical documentation.
- Consults team members on secure coding practices. Develops a familiarity with new tools and best practices.
- Designing, implementing, and maintaining SIEM and SOAR solutions.
- Design and implement threat detection, automate incident response processes, integration of various security tools with SIEM and SOAR platforms via APIs
- Maintain SIEM applications to collect and aggregate IDS and IPS data from network sensors, raw data from collection agents, firewalls, proxy servers, DLP, antivirus, vulnerability scanner elements, and other security-relevant devices.
- Utilize expertise in Splunk "Search" language, Splunk Dashboards, Reports, Lookup Tables, and Summary Indexes. Build Splunk dashboards that take inputs from various data sources such as application logs / operating system logs / middleware logs / network feeds etc. and identify / highlight anomalous activities on the dashboards by their severity levels.
- Perform troubleshooting and provide assistance with the creation of Splunk search queries and dashboards.
BASIC QUALIFICATIONS:
- Active Top Secret/SCI (TS/SCI) security clearance required. Must be U.S. Citizen.
- Bachelor's degree and 12 years of relevant experience, Masters degree and 10 years, or a PhD and 7 years. Equivalent four years of work experience can substitute for a degree.
- Proven experience as a Splunk Administrator or similarly named Splunk focused role.
- Strong understanding of Splunk architecture, components, and deployment options.
- Proficiency in Splunk Search Processing Language (SPL) for creating complex search queries and reports.
- Experience with Splunk data ingestion methods, including forwarders, HTTP Event Collector (HEC), and scripted inputs.
- Familiarity with Splunk Enterprise Security (ES), Qumolos, and Splunk SOAR is a plus.
- Solid understanding of IT infrastructure, including networking, operating systems, and security principles.
- Excellent problem-solving skills and attention to detail.
- Strong communication and collaboration abilities.
- 8140/8570 IAT Level III certification required.
PREFERRED QUALIFICATIONS
:- Splunk Architect is desired.
- Splunk Certified Administrator certification desired.
LOCATION:
- Annapolis Junction, MD
- On site only
- Must be willing and able to commute to Annapolis Junction, MD
ADDITIONAL INFORMATION:Clearance Requirement: Possess an active DoD Top Secret/SCI Clearance. In addition, selected candidate must undergo background investigation (BI) and finger printing by the federal agency and successfully pass the preceding to qualify for the position. US CITIZENSHIP IS REQUIRED.
CRITICAL SOLUTIONS PAY AND BENEFITS:
Salary range $- - $-. The salary range for this position represent the typical salary range for this job level and this does not guarantee a specific salary. Compensation is based upon multiple factors such as responsibilities of the job, education, experience, knowledge, skills, certifications, and other requirements.
BENEFIT SNAPSHOT: 100% premium coverage for Medical, Dental, Vision, and Life Insurance, Supplemental Insurance, 401K matching, Flexible Time Off (PTO/Holidays), Higher Education/Training Reimbursement, and more.
