make a meaningful impact with a company that values your technical ambition? Join us and experience a company where your contributions truly make a difference! Interviewing NOW for a Splunk Engineer III! TS/SCI with POLYGRAPH clearance necessary! Mon-Fri Days, Available for after hours on-call Description: • Ensure the Splunk infrastructure functions properly with PKI-based authentication, corporate … communications. • Contribute to development and ongoing improvement of industry best practices and standards for maintaining data analytics enterprise technologies. • Assist with installing, testing, and deploying hotfixes/patches for Splunk app/product releases to manage enterprise vulnerabilities. • Assist with development of knowledge articles, documentation, and work instructions used by the Splunk, server, desktop and Information System Security teams, and … Help Desk technicians. BS and 20 years of experience or HSD/25 yrs exp. IAT Level 2ce required. OR equivalent combo. Required SKILLS: Experience managing user authentication within Splunk including RBAC/ABAC Strong organizational, communication, and collaboration skills Must be a US Citizen. Approximate Salary Range: $141,000 - $152,000 A variety of factors can impact the final
Annapolis Junction, Maryland, United States Hybrid / WFH Options
GTSC Talent Solutions
AEITS, Inc. is looking to grow its team! We are seeking a Splunk Engineer - Mon-Fri Day Shift, to support our customer in the Annapolis Junction, MD area. The Splunk Engineer will manage user authentication within Splunk, including RBAC/ABAC, and analyze security logs from networks, hosts, and firewalls. Mission: As a Splunk Engineer on this government program, you … CompTIA Security+ CE, DoD 8570 IAT II Requirements: U.S. Citizenship Active TS/SCI with polygraph A Bachelor's Degree and Twenty (20) years of relevant experience. Experience with Splunk Machine Learning Toolkit (MLTK) Proficiency in scripting languages such as CSS, HTML, JavaScript, and Python Knowledge of RMF, Trellix ePO, NESSUS, SCAP, and vulnerability scanning tools Experience with ServiceNow Ticketing … System Proficiency in shell scripting to automate tasks and manipulate data Ability to ensure Splunk infrastructure functions properly with PKI-based authentication, corporate authorization services, firewalls, and SSL/TLS communications Contribute to the development and improvement of industry best practices for enterprise data analytics technologies Assist with installing, testing, and deploying hotfixes/patches for Splunk app/product
Ensure the Splunk infrastructure functions properly with PKI-based authentication, corporate authorization services, firewalls, and SSL/TLS communications. Contribute to development and ongoing improvement of industry best practices and standards for maintaining data analytics enterprise technologies. Assist with installing, testing, and deploying hotfixes/patches for Splunk app/product releases to manage enterprise vulnerabilities. Assist with development of … knowledge articles, documentation, and work instructions used by the Splunk, server, desktop and Information System Security teams, and Tier 2/3 Help Desk technicians. Required Skills HS diploma or GED AND 25 years of experience Bachelor's degree AND 20 years of experience Experience managing user authentication within Splunk including RBAC/ABAC Experience reviewing network, host, and firewall … logs Strong organizational, communication, and collaboration skills IAT Level 2 CompTIA Security+ CE Active TS/SCI security clearance with a current polygraph is required Desired Skills Experience with Splunk Machine Learning Toolkit (MLTK) Experience with scripting languages such as CSS, HTML, JavaScript, and Python Knowledge of RMF, Trellix ePO, NESSUS, SCAP, and vulnerability scanning ServiceNow Ticketing System Shell scripting
Responsibilities & Qualifications RESPONSIBILITIES Architect, develop, and deploy machine learning models using Splunk MLTK in a fully on-premises infrastructure. Collaborate with Splunk engineers, SOC teams, and leadership to identify use cases and deliver ML-driven insights. Translate complex ML requirements into actionable implementation plans and communicate them effectively to technical and non-technical stakeholders. Integrate ML models into Splunk dashboards … details to support knowledge transfer and compliance. Serve as the subject matter expert for MLTK, advocating for necessary infrastructure or configuration changes to support ML initiatives. Stay current with Splunk and MLTK updates, and evaluate potential future cloud integrations. Ensure all implementations are aligned with zero-trust compliance principles. Support integration of ML models with SOAR platforms to enhance automated … Top Secret (TS) clearance (TS/SCI preferred). Bachelor's or Master's degree in Computer Science, Mathematics, Statistics, or a related field. 3+ years of experience with Splunk, including hands-on use of the Machine Learning Toolkit (MLTK). Strong understanding of machine learning principles, model lifecycle, and operationalization in production environments. Proficiency in Python, SPL (Search Processing
Cyber Security Engineer (Splunk) Senior and SME level positions available Top Secret Clearance is required Huntsville, AL ALTA IT Service is seeking a highly skilled and knowledgeable CyberSecurity Engineer - Senior Level to support a 24x7x365 Watch Floor team and safeguard the confidentiality, integrity, and availability of an organization's information assets. This position is located on a customer site in … Huntsville, AL or Clarksburg WV. Responsibilities include but are not limited to: • Develop, upgrade, and enhance the enterprise Security Information and Event Monitoring (SIEM) strategy and tool implementation via Splunk, design data flow diagrams and alert feed architectures to ensure seamless alert integration • Develop and maintain SIEM architecture, including data sources, log management, and alerting mechanisms • Configure tools, settings, alerts
Splunk Systems Engineer Job Category: Engineering Time Type: Full time Minimum Clearance Required to Start: TS/SCI with Polygraph Employee Type: Regular Percentage of Travel Required: None Type of Travel: None The Opportunity: At CACI, our philosophy of employee development and advancement rests on a cultural foundation of providing unlimited and equal opportunities for growth, recognition, and rewards. We … a Best Place to Work by the Washington Post. CACI's Global Enterprise Services program is seeking a Systems Engineer 5 to support its Maryland customer. Responsibilities: Ensure the Splunk infrastructure functions properly with PKI-based authentication, corporate authorization services, firewalls, and SSL/TLS communications. Contribute to development and ongoing improvement of industry best practices and standards for maintaining … data analytics enterprise technologies. Assist with installing, testing, and deploying hotfixes/patches for Splunk app/product releases to manage enterprise vulnerabilities. Assist with development of knowledge articles, documentation, and work instructions used by the Splunk, server, desktop and Information System Security teams, and Tier 2/3 Help Desk technicians. Qualifications: Required: 25 years of experience and HS
include, but are not limited to, the following: Experience creating custom dashboards, writing queries, building, and generating reports, and setting up alerts and notifications using all the Cyber tools (Splunk, Tenable, Trellix). Demonstrated proficiency with recognizing and onboarding new data sources into the cyber tools and analyzing the data for anomalies and trends. Primarily responsible for maintaining the test … information systems. throughout the system development life cycle to support the generation of the security engineering products. Assist with the design, deployment, and administration of a multi-site, distributed Splunk environment. Including Multi-site Clustering, Search Head Clustering, Universal Forwarders, Deployer, and Deployment Server. Configure, operate, and maintain Trellix and its components (ePolicy Orchestrator, Trellix Agent, Data Loss Prevention, Host … regarding accuracy and efficiency as well as integration of new techniques to improve the confidentiality - integrity - availability of network/operational systems at multiple classifications levels. Requirements: Experience in Splunk role while working in a Splunk Clustered Environment Knowledge and experience with NESSUS/ACAS and Trellix administration Must be able to work a 40-hour work week, normally Monday
threat intelligence Experience with major automation applications, including integrating tools, designing, writing playbooks, troubleshooting, training, or supporting technical requirements Experience with programming languages, including Python, SOAR tools such as Splunk SOAR, XSOAR, or Tines, and working with libraries Experience working with APIs such as Palo, Versa, Splunk, and Elastic, and writing API integrations within Python Ability to produce new playbooks … obtain a Security+ Certification within 9 months of start date Additional Qualifications: Experience with threat intelligence tools such as ThreatQ, Analyst1, or ThreatConnect Experience with log management platforms, including Splunk or ELK Stack Experience with cybersecurity tools, including Splunk, Cisco ISE, Forescout, BigFix, Tanium, Zscaler, Palo Alto, McAfee, Carbon Black, CrowdStrike, FireEye, Cloud Security platforms, or ServiceNow Experience with Linux … administration Experience with networks and network protocols, including TCP, UDP, DNS, HTTP, HTTPS, SSH, and FTP TS/SCI clearance Automation Tools Certification, including Splunk or Splunk SOAR, Security+, CEH, or CISSP Certification Clearance: Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required. Compensation
on-site Microsoft Exchange and Microsoft Skype deployment -Maintain a Cisco WAN and LAN using technologies such as SD-WAN, FirePower, and DNA Center -Configure, tune, and monitor a Splunk Enterprise SIEM including monitoring, rulesets, and response -Microsoft Windows and Red Hat Enterprise Linux Clients and Servers, including management using Ivanti Endpoint Manager -Management of a virtual environment containing VMWare … years experience, or similar education/work experience via customer approval. Certifications/Relevant Experience: -Cisco CCNP (CCNA may be substituted with 3+ years of experience in Cisco networking) Splunk Enterprise Certified Admin and Splunk Enterprise Core Certified Power User -VMWare and NetApp experience -Red Hat Enterprise Linux experience -Microsoft Client and Server On-Prem Experience -Microsoft Exchange and Skype
addressing identified issues. Qualifications THE EXPERIENCE YOU BRING TO THE TEAM Minimum Required Experiences 6 years 4 years of hands-on experience managing the Monitoring and Observability platform using Splunk/Dynatrace/Open Telemetry/AWS Cloudwatch in a large-scale Linux and Windows Server environments. Experience in generating and using complex database queries. Skilled in Python Programming. Desired … Experiences Bachelor degree or equivalent 4+ years of hands-on experience managing the Monitoring and Observability platform using Splunk/Dynatrace/Open Telemetry/AWS Cloudwatch in a large-scale Linux and Windows Server environments on-premises and AWS. Experience supporting mission-critical platforms in an on-call setting. AWS/Linux/Windows/Other Tool certifications. AWS … services such as EC2, SSM, CloudWatch, and Tools like AWS Console, AWS CLI and CloudFormation. Skilled in Infrastructure as Code (IaC), Python, and other programming languages. Experience in using Splunk, Application Performance tools like Open Telemetry or Dynatrace, Synthetic Monitoring tools like Catchpoint. Ability to work independently on multiple concurrent tasks in a dynamic environment, with strong customer service skills
advanced machine learning models, statistical analyses, and predictive algorithms to identify security threats and anomalies within large, complex datasets. SIEM Expertise: Design, implement, and optimize SIEM solutions, particularly in Splunk and Elastic Search environments, to capture, analyze, and report on security event data. Cyber Security Collaboration: Work closely with the security operations team to integrate data-driven insights into security … intelligence Provide mentorship and guidance to junior team members. Requirements: Experience: 10+ years of experience in data science, with at least 3 years focused on SIEM engineering, specifically with Splunk and/or Elastic Search. Cyber Security Focus: Strong understanding of cyber security principles, including threat detection, incident response, and security operations. Technical Expertise: Proficiency in Python, SQL, and relevant … data science libraries (e.g., pandas, scikit-learn, TensorFlow) and experience working with SIEM tools like Splunk and Elastic Search. Advanced Analytics & ML: Proven experience in applying machine learning techniques (anomaly detection, clustering, classification) to large-scale security data. Data Engineering: Experience in data ingestion, transformation, and optimization within SIEM systems, and familiarity with ETL processes. Problem-Solving: Excellent analytical and
to identify trends, anomalies, and identify security insights. Develop and maintain interactive dashboards and visualizations. Consolidate and extract data using tools such as SharePoint, ServiceNow, Power BI, Tableau, and Splunk to effectively communicate key security metrics. Extract and integrate data from various data sources to support the creation of dashboards and visualizations that track FISMA metrics and cybersecurity performance indicators. … modules. 1 year of experience building presentations and conducting training on FISMA metric collection requirements. 1 year of experience extracting data from multiple sources including but not limited to: Splunk, Elastic, Crystal Reports, Microsoft Power BI, Tableau, SQL Server, Oracle Business Intelligence Enterprise Edition (OBIEE), Oracle Data Visualizer, and Oracle Visual Analyzer. 2 years of experience working to execute NIST … previous client-engagement experience. DHS HQ or Component-level experience preferred. Other relevant certifications include: Microsoft Certified: Power BI Data Analyst Associate, Tableau Desktop Specialist or Certified Associate, Splunk Core Certified Power User, Splunk Certified Data Analyst, Elastic Certified Engineer, Elastic Certified Analyst Evolver Federal is an equal opportunity employer and welcomes all job seekers. It is the policy
Web/Email gateway security technologies, Security Orchestration, Automation and Response (SOAR) and cloud based platforms such as Azure, AWS, or Google • Experience with MITRE ATT&CK • Experience with Splunk or Splunk Enterprise Security Preferred Qualifications: • Ability to demonstrate interpersonal, organizational, writing, communications, and briefing skills • Ability to effectively use analytical and problem-solving skills • Provide logical use case development.
improvement of cybersecurity postures. Essential Skills and Experience: Proven experience in a Security Operations Centre (SOC) environment. Strong hands-on expertise with SIEM tools such as Microsoft Sentinel and Splunk. Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, firewalls). Skilled in incident response and threat intelligence analysis. Familiarity with MITRE ATT&CK framework … you will be at the forefront, leading incident response, improving detection mechanisms, and mentoring junior analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk). Leading incident response and driving improvements in detection and containment strategies. Tuning and maintaining detection rules, using threat frameworks like MITRE ATT&CK. Collaborating with colleagues to enhance
experience as a Data Analyst. 1 year of experience with FISMA Metrics and Reporting requirements. 1 year of experience extracting data from multiple sources including but not limited to: Splunk, Elastic, Crystal Reports, Microsoft Power BI, Tableau, SQL Server, Oracle Business Intelligence Enterprise Edition (OBIEE), Oracle Data Visualizer, and Oracle Visual Analyzer. 2 years of experience working to execute NIST … as Certified Data Management Professional (CDMP) or Certified Analytics Professional (CAP). Other relevant certifications include: Microsoft Certified: Power BI Data Analyst Associate, Tableau Desktop Specialist or Certified Associate, Splunk Core Certified Power User, Splunk Certified Data Analyst, Elastic Certified Engineer, Elastic Certified Analyst Must have an Active DOD Secret clearance Preferred Qualifications 2 years of experience as a Data
Nottingham, Nottinghamshire, East Midlands, United Kingdom Hybrid / WFH Options
Experian Ltd
Mac OS), Security Technologies (Anti-Virus, Intrusion Prevention), and Networking (Firewalls, Proxies) Interpret device and application logs from a variety of sources (e.g. Firewalls, Proxies, Web Servers, System Logs, Splunk, Packet Captures) to identify cause and determine next steps for containment, eradication, and recovery. Provide Advanced Support to analysts (Logs review, IP Block question). Mentor other analysts (process question … networking, networking infrastructure, and network topologies (DMZ, VPN, WAN) and network technologies (WAF, IPS, Routers, Firewalls) Experience with commercial & open-source SIEMs, full packet capture tools, and network analysis tools (Splunk, Wireshark, SOF-ELK) Have a demonstrated knowledge of common intrusion methods and cyber-attack tactics, techniques, and procedures (TTPs). Exhibit skills using common Incident Response and Security Monitoring applications … such as SIEM (Splunk), EDR (FireEye HX, CrowdStrike Falcon, McAfee mVision EDR.), WAF, IPS Additional Information Benefits package includes: Flexible work environment, working hybrid or in the office if you prefer. Great compensation package and discretionary bonus plan Core benefits include pension, Bupa healthcare, sharesave scheme and more 25 days annual leave with 8 bank holidays and 3 volunteering days.
Gosport, Hampshire, South East, United Kingdom Hybrid / WFH Options
Walsh Employment
improvement of cybersecurity postures. Essential Skills and Experience: Proven experience in a Security Operations Centre (SOC) environment Strong hands-on expertise with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, firewalls) Skilled in incident response and threat intelligence analysis Familiarity with MITRE ATT&CK framework and advanced threat … be at the forefront of digital defence, leading incident response, improving detection mechanisms, and mentoring junior analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like MITRE ATT&CK Collaborating with colleagues to enhance the overall
years of experience working on Government Agency enterprise infrastructure and engineering programs. Desired Qualifications Nessus/Rapid7 Security Development and Operations (SecDevOps) Various security tools and processes such as Splunk, Nessus Security Center, WebInspect, Xacta Cloud security controls and implementation STIG compliance and vulnerability management CISSP AWS Certified Security Specialty Microsoft Office365 Experience in one or more software products associated … with cyber system engineering for data analytics including SQL security, TANIUM Endpoint Management Software, PowerShell, McAfee, App Blocker, Splunk ITSI. What you can expect from us BCore is proud to be an equal opportunity workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation or
Web/Email gateway security technologies, Security Orchestration, Automation and Response (SOAR) and cloud based platforms such as Azure, AWS, or Google Experience with MITRE ATT&CK Experience with Splunk or Splunk Enterprise Security Full Scope Clearance Ability to demonstrate interpersonal, organizational, writing, communications, and briefing skills Ability to effectively use analytical and problem-solving skills Provide logical use case
process. - Collaborate with cross-functional teams to ensure compliance with security standards and regulatory requirements. - Automate and orchestrate security processes, including incident response and threat detection, using technologies like Splunk, Chef Automate, and others. - Stay updated with emerging DevSecOps trends, tools, and practices, and provide recommendations for implementing new technologies. - Provide mentorship and guidance to junior engineers in DevSecOps practices … Participation in a rotational on-call schedule for emergency page-outs is required. - Additional tasks to be assigned as needed. - Experience in any or all the following: - Docker Enterprise, Splunk, Chef, Chef Automate, Chef (Ruby), Puppet, Ansible, Kubernetes, Openshift - Hands-on working experience in Terraform (IaC), Jenkins groovy scripts, and Python. Minimum Requirements TCS087, T3, Band 6 EEO Statement Maximus
process. - Collaborate with cross-functional teams to ensure compliance with security standards and regulatory requirements. - Automate and orchestrate security processes, including incident response and threat detection, using technologies like Splunk, Chef Automate, and others. - Stay updated with emerging DevSecOps trends, tools, and practices, and provide recommendations for implementing new technologies. - Provide mentorship and guidance to junior engineers in DevSecOps practices … Candidates must reside within a commutable distance. - Participation in a rotational on-call schedule for emergency page-outs is required. - Experience in any or all the following: - Docker Enterprise, Splunk, Chef, Chef Automate, Chef (Ruby), Puppet, Ansible, Kubernetes, Openshift - Hands-on working experience in Terraform (IaC), Jenkins groovy scripts, and Python. - Additional tasks to be assigned as needed. Minimum Requirements
as Certified Data Management Professional (CDMP) or Certified Analytics Professional (CAP). Other relevant certifications include: Microsoft Certified: Power BI Data Analyst Associate, Tableau Desktop Specialist or Certified Associate, Splunk Core Certified Power User, Splunk Certified Data Analyst, Elastic Certified Engineer, Elastic Certified Analyst Must have an Active DOD Secret clearance. Preferred Qualifications Ability to communicate clearly and effectively via
process. - Collaborate with cross-functional teams to ensure compliance with security standards and regulatory requirements. - Automate and orchestrate security processes, including incident response and threat detection, using technologies like Splunk, Chef Automate, and others. - Stay updated with emerging DevSecOps trends, tools, and practices, and provide recommendations for implementing new technologies. - Provide mentorship and guidance to junior engineers in DevSecOps practices … Participation in a rotational on-call schedule for emergency page-outs is required. - Additional tasks to be assigned as needed. - Experience in any or all the following: - Docker Enterprise, Splunk, Chef, Chef Automate, Chef (Ruby), Puppet, Ansible, Kubernetes, Openshift - Hands-on working experience in Terraform (IaC), Jenkins groovy scripts, and Python. Minimum Requirements TCS087, T3, Band 6 EEO Statement Maximus
process. - Collaborate with cross-functional teams to ensure compliance with security standards and regulatory requirements. - Automate and orchestrate security processes, including incident response and threat detection, using technologies like Splunk, Chef Automate, and others. - Stay updated with emerging DevSecOps trends, tools, and practices, and provide recommendations for implementing new technologies. - Provide mentorship and guidance to junior engineers in DevSecOps practices … Candidates must reside within a commutable distance. - Participation in a rotational on-call schedule for emergency page-outs is required. - Experience in any or all the following: - Docker Enterprise, Splunk, Chef, Chef Automate, Chef (Ruby), Puppet, Ansible, Kubernetes, Openshift - Hands-on working experience in Terraform (IaC), Jenkins groovy scripts, and Python. - Additional tasks to be assigned as needed. Minimum Requirements