Leidos
Splunk Engineer Sr.
Leidos, Ashburn, Virginia, United States, 22011
DescriptionLeidos Digital Modernization Sector is seeking an experienced
Splunk Engineer
for this highly visible cyber security program supporting Customs and Border Protection (CBP) security operations center (SOC). CBP SOC is a US Government program responsible for preventing, identifying, containing, and eradicating cyber threats to CBP networks through monitoring, intrusion detection, and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, various cloud environments, security devices, servers, and workstations. The CBP SOC is responsible for the overall security of CBP Enterprise-wide information systems and collects, investigates, and reports any suspected and confirmed security violations.As a Splunk Engineer, you will support the full system engineering life cycle, including requirements analysis, design, development, implementation, integration, test, and documentation. You will also follow defined best practices and operational workflows.U.S. Citizenship
required
with the ability to favorably pass a 5-year (BI) Background Investigation BEFORE you begin work on the program.What will you do in this role?Provide overall engineering and administration in supporting a very large distributed clustered Splunk environment consisting of search heads, indexers, deployers, deployment servers, heavy/universal forwarders, and Splunk Enterprise Security premium apps, spanning security, performance, and operational roles.
Recognize and onboard new data sources into Splunk, building dashboards, searches, reports, etc.
Proficient within a Linux environment, edit and maintain Splunk configuration files and apps.
Familiar with Ansible or other automation tools.
As a member of the Enterprise Splunk team, which falls under Cybersecurity Engineering, you will be required to interact with end users to gather requirements, perform troubleshooting, and provide assistance with the creation of Splunk search queries and dashboards.
May be required to interact with senior management, as necessary.
These are required qualifications for this role…A minimum of a Bachelor’s degree with 8+ years’ experience in the Information Technology arena.
Additional Cyber Security Certifications and experience may be considered in lieu of Bachelor’s degree.
A combination of 4+ Years experience in Linux, Splunk, Ansible, app interface development, using REST APIs, or other Cyber technologies.
Ability to follow Change & Configuration Management, utilizing automation tools, such as Git.
4+ years of experience in a Splunk role working in a Splunk clustered environment, with experience in Splunk premium app management (Enterprise Security, ITSI).
Strong problem-solving abilities with an analytic and qualitative eye for reasoning under pressure.
Self-starter with the ability to independently prioritize and complete multiple tasks with little to no supervision.
Knowledge of Cloud Services such as AWS, Office365.
Understanding and usage of Regex.
Experience with scripting languages, such as Python, Bash, Visual Basic, or PowerShell.
Understanding basic networking principles or Enterprise network design.
Possess baseline security certification to meet DoD 8570 at IAT II requirements, such as Security +.
Must have a current or be able to favorably pass a 5-year (BI) Background Investigation to join this program.
Must have at least one of the following certifications:Splunk Enterprise Security Certified Admin
Splunk IT Service Intelligence Certified Admin
Splunk Cloud Certified Admin
Splunk SOAR Certified Automation Developer
Splunk Certified Developer
Splunk Enterprise Certified Admin
Splunk Enterprise Certified Architect
Splunk Core Certified Consultant
These are preferred qualifications for this role…Prior experience in a Splunk professional services role.
Possess certifications in Splunk premium app, such as Enterprise Security, ITSI, UBA.
Splunk Certified Developer certification.
Experience in automating Splunk Deployments and orchestration within a Cloud environment.
Experience with FISMA Systems requirements.
Experience with Confluence, JIRA, ServiceNow.
Cribl CCOE User certification.
Original Posting Date:
2024-09-20While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.Pay Range:
Pay Range $101,400.00 - $183,300.00The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
#J-18808-Ljbffr
Splunk Engineer
for this highly visible cyber security program supporting Customs and Border Protection (CBP) security operations center (SOC). CBP SOC is a US Government program responsible for preventing, identifying, containing, and eradicating cyber threats to CBP networks through monitoring, intrusion detection, and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, various cloud environments, security devices, servers, and workstations. The CBP SOC is responsible for the overall security of CBP Enterprise-wide information systems and collects, investigates, and reports any suspected and confirmed security violations.As a Splunk Engineer, you will support the full system engineering life cycle, including requirements analysis, design, development, implementation, integration, test, and documentation. You will also follow defined best practices and operational workflows.U.S. Citizenship
required
with the ability to favorably pass a 5-year (BI) Background Investigation BEFORE you begin work on the program.What will you do in this role?Provide overall engineering and administration in supporting a very large distributed clustered Splunk environment consisting of search heads, indexers, deployers, deployment servers, heavy/universal forwarders, and Splunk Enterprise Security premium apps, spanning security, performance, and operational roles.
Recognize and onboard new data sources into Splunk, building dashboards, searches, reports, etc.
Proficient within a Linux environment, edit and maintain Splunk configuration files and apps.
Familiar with Ansible or other automation tools.
As a member of the Enterprise Splunk team, which falls under Cybersecurity Engineering, you will be required to interact with end users to gather requirements, perform troubleshooting, and provide assistance with the creation of Splunk search queries and dashboards.
May be required to interact with senior management, as necessary.
These are required qualifications for this role…A minimum of a Bachelor’s degree with 8+ years’ experience in the Information Technology arena.
Additional Cyber Security Certifications and experience may be considered in lieu of Bachelor’s degree.
A combination of 4+ Years experience in Linux, Splunk, Ansible, app interface development, using REST APIs, or other Cyber technologies.
Ability to follow Change & Configuration Management, utilizing automation tools, such as Git.
4+ years of experience in a Splunk role working in a Splunk clustered environment, with experience in Splunk premium app management (Enterprise Security, ITSI).
Strong problem-solving abilities with an analytic and qualitative eye for reasoning under pressure.
Self-starter with the ability to independently prioritize and complete multiple tasks with little to no supervision.
Knowledge of Cloud Services such as AWS, Office365.
Understanding and usage of Regex.
Experience with scripting languages, such as Python, Bash, Visual Basic, or PowerShell.
Understanding basic networking principles or Enterprise network design.
Possess baseline security certification to meet DoD 8570 at IAT II requirements, such as Security +.
Must have a current or be able to favorably pass a 5-year (BI) Background Investigation to join this program.
Must have at least one of the following certifications:Splunk Enterprise Security Certified Admin
Splunk IT Service Intelligence Certified Admin
Splunk Cloud Certified Admin
Splunk SOAR Certified Automation Developer
Splunk Certified Developer
Splunk Enterprise Certified Admin
Splunk Enterprise Certified Architect
Splunk Core Certified Consultant
These are preferred qualifications for this role…Prior experience in a Splunk professional services role.
Possess certifications in Splunk premium app, such as Enterprise Security, ITSI, UBA.
Splunk Certified Developer certification.
Experience in automating Splunk Deployments and orchestration within a Cloud environment.
Experience with FISMA Systems requirements.
Experience with Confluence, JIRA, ServiceNow.
Cribl CCOE User certification.
Original Posting Date:
2024-09-20While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.Pay Range:
Pay Range $101,400.00 - $183,300.00The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
#J-18808-Ljbffr