Company hidden
2 months ago

Splunk Engineer - Consultant Certified / ES Accreditation Required (Cybersecurity)

Work format
onsite
Employment type
fulltime
English
b2
Country
US

Job description

TL;DR

Splunk Engineer (ES Certified): Maintaining client Splunk instances with emphasis on data onboarding, content development, reporting, and visualizations, with a focus on SIEM capabilities, risk-based alerting, and security use cases. Focus on developing custom dashboards, ML models for anomaly detection, automation for workflows, and incident response configurations.

Location: Annapolis, MD. US Background Check Required

Company

Veteran-owned small business recognized as a Best Places to Work and one of Inc. Magazine’s Top 5000 Fastest Growing Companies, delivering top-tier services to customers including federal clients.

What you will do

  • Develop and implement actionable alerts, workflows, apps, knowledge objects, dashboards, reports, and data models for Splunk as a SIEM tool.
  • Work with Splunk Architect/Admin to promote private knowledge objects to global and assist in data lifecycle management.
  • Train CISO Splunk Engineering team on data lifecycle, searching, and content development; host workshops for teams and analysts.
  • Develop automation to improve CISO workflows, advanced security use cases, risk rules, and incident rules for cyber events.
  • Configure custom RBA dashboards for risk detail, health analysis, suppression, and incident response workflows around notable events.
  • Develop custom ML models for anomaly-detection alerting and implement event logging from OS, apps, identity providers, networks, and cloud services.

Requirements

  • US Background Check Required
  • Splunk Consultant Certification
  • Heavy Splunk ES Experience
  • Experience ingesting logs into Splunk via Cribl
  • Experience with RBA (Risk Based Alerting)
  • Prior Splunk engineering and administration experience; work well in a team
  • Understanding of network protocols, operating systems, applications, and device event telemetry

Nice to have

  • Backgrounds supporting federal customers

Culture & Benefits

  • Competitive salary paid twice per month
  • Best in class medical coverage with 100% of premiums covered by company
  • 3 weeks PTO starting + 11 paid holidays annually
  • 401k with 100% company match on first 4%
  • Monthly reimbursement for cell phone and home internet
  • Paternity/maternity leave; investment in training and certifications
  • Access to full knowledge base, PS team support, internal Slack, and tools for professional growth
  • Company-wide new business incentives and contribution incentives (white papers, blogs, webinars)
