Wood Consulting
SIEM Engineer
Wood Consulting, Columbia, Maryland, United States, 21046
Location
US-MD-Annapolis Junction | US-MD-Columbia
Job ID
WOOD-05
# Positions
1
Experience (Years)
8
Category
IT Operational Support
Overview
SIEM Engineer / Splunk Certified Administrator
woodcons.com
Location(s): Annapolis Junction, Maryland and Columbia, Maryland
Job Type: Full-Time
Shift: Days
Telework: None
Salary Range: **$150,000 - $170,000** Salary ranges are based on minimum education and years of experience and may increase based on education and/or experience.
Overview:
Are you a talented Splunk Administrator looking for an exciting new challenge? Join our dynamic team and play a crucial role in safeguarding our critical operational systems. As a Splunk Administrator, you will be at the forefront of configuring and optimizing our event collection, parsing, correlation, and visualization processes. In this role, you will leverage your expertise in system administration, log management, event correlation, and threat detection to ensure our systems operate seamlessly and securely. You will collaborate with a dedicated team to support analysts and end-users, refining and creating reports, analytics, and dashboards that drive informed decision-making. Your contributions will be vital in integrating resources across teams, enhancing the accuracy of our audit data, and minimizing false positives and negatives. If you are passionate about cybersecurity and eager to make a significant impact, we want to hear from you!
Application Process:
Interested candidates should submit their resume detailing their qualifications and experience.
Security Clearance Requirements:
This position requires all candidates to be U.S. Citizens and possess an active TS/SCI Security Clearance with a **Polygraph.** Updated within the last five (5) years.
Qualifications
Basic Qualifications
Must have Splunk Enterprise Certified Admin Certificate or higher.
At least 8 years of related experience.
At least 2 years of experience with one or more of the following: StealthWatch, TripWire, Zenoss, ArcSight, Splunk.
Experience in design, implementation, and support of Splunk core components, including: indexers, forwarders, search heads, and cluster managers.
Experience with configuration and administration of Splunk ingestion and forwarding for new and existing applications and data.
Experience with troubleshooting Splunk data-flow issues between the various Splunk core components.
Experience configuring and deploying data collection for a variety of operating systems and networking platforms.
Experience creating Dashboards and Analytics within SIEM tools.
Experience working with monitoring systems supporting auditing, incident response, and system health.
Understanding of networking components and devices, ports, protocols, and basic networking troubleshooting steps.
The ability to troubleshoot issues with log feeds, search time, and field extractions.
The ability to troubleshoot problems related to data solutions.
Preferred Qualifications
Bachelor's Degree in Computer Science, Engineering, Information Assurance, or a related discipline.
Network Security Operations Center (SOC) experience.
Experience and talent in data visualization.
Experience creating work-flows for Incident Response within a SIEM Tool.
Security+ Certification.
GIAC Certified Incident Handler Certification.
GIAC Cyber Threat Intelligence Certification.
Cybersecurity certifications.
Formal SIEM training.
Experience working on an Agile team/program.
About WOOD
Fringe Benefits:
Health Insurance: Comprehensive medical, dental, and vision plans.
Retirement Plan: 401(k) with company match.
Paid Time Off: Generous PTO policy including vacation, sick leave, and holidays.
Professional Development: Opportunities for training, certifications, and career advancement.
Work-Life Balance: Flexible work schedules and remote work options.
Wellness Programs: Employee assistance programs, wellness initiatives, and gym membership discounts.
For more information about our benefits, please click here.
Why Join Us?
Impactful Work: Contribute to critical government projects that make a difference.
Career Growth: Take advantage of professional development opportunities and career advancement.
Supportive Environment: Work in a collaborative and flexible environment that values work-life balance.
Competitive Compensation: Enjoy a competitive salary and comprehensive benefits package.
WOOD is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.