MUST HAVE SECRET CLEARANCE on location in Doral, FL Job Title: Splunk UBA Engineer We are seeking an experienced and analytical Splunk UBA Engineer to implement, optimize, and maintain our User Behavior Analytics (UBA) platform. In this role, you will use behavioral modeling and machine learning capabilities in Splunk UBA to identify insider threats, compromised accounts, data exfiltration, and other … work closely with SOC analysts, engineers, and data owners to turn user activity data into actionable intelligence and risk-based threat detections. Key Responsibilities • Deploy, configure, and maintain the Splunk UBA platform, including data ingestion, normalization, and threat model tuning. • Deploy UBA cluster designing the build • Ingest and map logs from various sources (e.g., Active Directory, VPN, firewalls, proxy, endpoint … risk scoring, notable events, and incident response workflows. • Build and maintain dashboards, entity timelines, and investigative tools within UBA to support threat hunting and investigations. • Integrate UBA output with Splunk Enterprise Security (ES) or SOAR platforms for automated response and triage. • Continuously evaluate new data sources, use cases, and detection strategies to enhance UBA capabilities. • Document procedures, configurations, and threat
Splunk Developer (Threat Detection Consultant) - Brussels/London/Paris/Amsterdam - Banking Client Duration: 1 year Rate: 500 - 800 per day Hybrid: 2 days onsite per week (London, Paris, Brussels or Amsterdam) Role: Interact with the different customers to capture and define requirements for the development and testing of the threat detection capabilities Cooperate with log source onboarding team … to assure correct log source onboarding and log mapping to data models according to Splunk standard processes The development and tuning and continuous improvement of correlation rules Develop and maintain dashboards, reports, and alerts Create Splunk Knowledge Objects to address customers needs in context of using Splunk as security tool Prepare correlation search tests, conduct tests, and document evidence from … making sure we have a healthy balance between defect resolution and new features Qualifications: Technical Skills: In depth experience in development and maintenance of SIEM use cases Fluent in Splunk's search processing language (SPL) Excellent knowledge of Splunk Enterprise and Splunk Enterprise Security Sound knowledge about Splunk Common Information Model and log normalization using Data Models Solid understanding of
transforming industries through cutting-edge digital solutions and next-generation AI. We empower businesses-and their customers-to achieve more through innovation, automation, and intelligent insights. The Role Presidio Splunk Engineers serve as a technical expert supporting military and federal customers in the nearby Fayetteville, NC area. You will be responsible for architecting, deploying, and configuring Splunk products within classified … environments, ensuring compliance with DoD security requirements and RMF guidelines. Your background in System Administration, Security, and Consulting, combined with hands-on Splunk experience and required security clearance, will be essential for supporting mission-critical operations. Responsibilities include: • Splunk Technical Capability o Deliver Splunk engineering solutions in on-prem and Cloud instances o Understand and execute on the promise of … Splunk within the customer's environment o Technical expert in at least one premium application within Splunk such as ITSI or ES (Enterprise Security) • Delivery Engineering o Serve as the Splunk expert on projects exceeding quality delivery standards o Become a Trusted Advisor to internal teams and external customers o Perform timely documentation for all work completed • Mission Support o
Job Title: Splunk Engineer Location: Herndon, VA (CI Poly or FS Poly), Ft. Meade, MD (FS Poly), McLean, VA (FS Poly) End Customer: Intel community Program Name & Supporting Details: Could not disclose Budget Approved/Fully Funded: Yes # of Positions: 4 Reason for opening: New position Note: Prefers FS Poly, but if they are hands-on with ITSI (and …/SCI with a full-scope poly required. Experience operating in classified environments. Bachelor's degree in a related area or at least 4 years of related work experience. Splunk industry certifications. Strong background with Splunk Enterprise and Splunk Enterprise Security. Understanding of identity, SIEM, cybersecurity, and infrastructure concepts. Understanding of governance and compliance, specifically with FAR, DFARs, CUI and
Engineering Hybrid Remote, London, United Kingdom / Reading, United Kingdom Splunk - a Cisco company, provides the Unified Security and Observability Platform. The world's leading organisations trust Splunk to go from insight to action fast and at scale; organisations such as McLaren, Heineken, and Tesco are turning data into action with Splunk. Join us as we pursue our innovative vision to make machine … accessible, usable and valuable to everyone. Our company is filled with people passionate about our solutions and seeking to deliver the best experience and outcomes to our customers. At Splunk, we're committed to our work, customers, having fun and, most importantly, to each other's success. This is an opportunity to work at a company that is changing the … way that information supports business decisions and makes the world a more digitally resilient place. Splunk seeks a highly motivated, outcome-focused individual to join our Solutions Engineering team as a Solutions Engineer (SE). As a Splunk SE, you'll be a technical sales resource for the UKI Enterprise Sales team supporting our clients in the UK and Ireland.
Cybersecurity, or related discipline, or equivalent hands-on experience. 2-5 years of experience in security operations or security engineering. Hands-on experience with SOAR platforms (e.g., Cortex XSOAR, Splunk SOAR, IBM Resilient). Strong familiarity with: Google SecOps/Chronicle Darktrace (AI-based threat detection) CrowdStrike Falcon platform Scripting experience in Python, PowerShell, or Bash. Experience with REST … critical thinking, and communication skills. Desirable Qualifications Experience with CI/CD for playbook development and version control (e.g., Git). Familiarity with other SOC tools (e.g., ServiceNow, Jira, Splunk, Elastic, SentinelOne). Security certifications such as: SOAR-specific certifications (e.g., Cortex XSOAR Certified Engineer) CrowdStrike Certified Falcon Responder Google Cybersecurity Certificate General security certs (e.g., CySA+, GCIH, CISSP
process Collaborate with cross-functional teams to ensure compliance with security standards and regulatory requirements Automate and orchestrate security processes, including incident response and threat detection, using technologies like Splunk, Chef Automate, and others Stay updated with emerging DevSecOps trends, tools, and practices, and provide recommendations for implementing new technologies Provide mentorship and guidance to junior engineers in DevSecOps practices … of experience as a DevSecOps Engineer or related field This position requires a High School Diploma, GED, or equivalent Experience in any or all of the following: Docker Enterprise, Splunk, Chef, Chef Automate, Chef (Ruby), Puppet, Ansible, Kubernetes, Openshift Hands-on working experience in Terraform (IaC), Jenkins groovy scripts, and Python
Washington, Washington DC, United States Hybrid / WFH Options
Corelight, Inc
including as it relates to Corelight Suricata alerts Design and implement technical solutions with ecosystem partners (packet brokers, asset managers, SOAR systems, etc.) Implement queries and dashboards in SIEMs - Splunk, Elastic, Humio, etc. Influence customers and Corelight teams and be seen as a technical expert Conduct network-related testing to ensure Corelight products operate correctly Perform validation testing of Corelight … s) Demonstrated expertise in Windows/MacOS/Linux/Unix operating systems, IDS/IPS, Network administration, firewall configuration, and strong knowledge of TCP/IP SIEM experience (Splunk required, others a bonus) Scripting in (some of) Zeek, Bash, Python, Perl, Powershell, etc. Strong briefing skills; experience interacting with SES/general officer-level management Fueled by investments from
assessment procedures and evidence for assessment by Authorizing Officials of body of evidence. • Engineering, administration, and configuration of Nessus scans and policies, Trellix/McAfee back end and policies, Splunk and Elastic SIEM administration, engineering, and query languages (SPL, SQL, or ES/QL) for analysis. • Apply STIGs, and various security mechanisms within Windows, Linux, and AWS cloud consoles. • Identify … in cloud cybersecurity and shared responsibility models, networking, and/or data experience is required. The following qualifications are desired: • Experience with DEVSECOPS, containerization, and zero-trust architectures (preferred) • Splunk or Elastic Certifications (preferred) • Experience with Department of Defense (DoD) Special Access Program (SAP) administrative processes (preferred) Travel: Some local travel may be expected.
Washington, Washington DC, United States Hybrid / WFH Options
Softek International Inc
Cloud Access Security Broker (CASB) and Cloud Secure Gateway (CSG) technologies. • Coordinate with related technology acquisition programs and communities of interest to leverage ongoing investments in tools such as Splunk, Swimlane, Crowdstrike, Grafana, Axonius, Tenable, GitLab, etc. • Must be resourceful in multitasking tasks and projects and communicating in a dynamic network. • Prior consulting, contracting experience is ideal, DHS experience a … Hat Certified System Administrator) • RHCE (Red Hat Certified Engineer) • MCSA (Microsoft Certified Solutions Associate) • MCSE (Microsoft Certified System Expert) • PMI Project Management Professional (PMP) Software/Hardware Experience Desired Splunk Enterprise, Crowdstrike, Ansible, Red Hat, Linux, Tenable, AWS and Azure Cloud
integration. The ideal candidate will have a strong background in Java and Python development, system integration, and troubleshooting within complex software ecosystems. A working knowledge of ElasticSearch, NiFi, and Splunk is essential. This role requires proactive problem-solving skills, the ability to collaborate across technical teams, and a commitment to delivering robust data-driven solutions. The Level 4 Application Engineer … Qualifications: Experience with Windows and/or Linux operating systems Proficiency with Vine KG Tool and/or GENOME KG Tool Strong development experience in Java Working knowledge of Splunk for log analysis and monitoring Development experience with Python Background or knowledge in ElasticSearch and Apache NiFi IAT Level 2 Certification (Security+ CE, CCNA-Security, GSEC, etc.) Desired Skills & Capabilities
developing with multiple programming languages such as C, Java, and Python in a Unix environment Experience with software frameworks used for searching, monitoring, and analyzing big data such as Splunk and Elastic Stack Experience with SQL technologies such as MySQL, MariaDB, and PostgreSQL Experience with NoSQL technologies such as MongoDB and Elasticsearch Experience with containerization technologies such as Docker Experience
assessment procedures and evidence for assessment by Authorizing Officials of body of evidence. • Engineering, administration, and configuration of Nessus scans and policies, Trellix/McAfee back end and policies, Splunk and Elastic SIEM administration, engineering, and query languages (SPL, SQL, or ES/QL) for analysis. • Apply STIGs, and various security mechanisms within Windows, Linux, and AWS cloud consoles. • Identify … in cloud cybersecurity and shared responsibility models, networking, and/or data experience is required. The following qualifications are desired: • Experience with DEVSECOPS, containerization, and zero-trust architectures (preferred) • Splunk or Elastic Certifications (preferred) • Experience with Department of Defense (DoD) Special Access Program (SAP) administrative processes (preferred) Travel: Some local travel may be expected. Other Requirements: We seek: • Highly-motivated
High Wycombe, Buckinghamshire, England, United Kingdom
BOSS Professional Services LTD
Linux Engineer: Manage internal and external information technology and computer systems including: RHEL/RedHat Linux Servers MySQL, MSSQL and Postgres databases. iSCSI SAN Technologies. Xenserver Clustered virtualized environment. Splunk Logserver. System monitoring. Network configuration and management. Firewall configuration and management. Microsoft AD and Remote Desktop Services (Windows 2019). Experience of scripting (Bash, Korn, C, Shell, etc). Desirable
experience displaying strong knowledge of operating systems (e.g., Windows, Linux). Strong knowledge of cybersecurity principles, tools, and techniques. Experience with security information and event management (SIEM) systems (e.g. Splunk). Proficiency in conducting vulnerability assessments using ACAS. Security or equivalent certification (DoD 8570 for IAT). Quick learner and team player. Desired Skills & Qualifications: IAT level III certification (CASP
Burke, Virginia, United States Hybrid / WFH Options
ALTA IT Services
Gov, etc.). • Experience working in government-regulated environments with an understanding of cybersecurity frameworks. Preferred Qualifications: • LiveAction product certifications (e.g., LiveAction Certified Professional). • Experience integrating LiveAction with Splunk, Elastic, or other SIEMs. • Familiarity with packet-level analysis tools like Wireshark or Riverbed. • Experience with scripting and automation (Python, Ansible, PowerShell). • Prior experience supporting agencies such as DoD
CLI • Experience developing Bash scripts to automate manual processes • Recent software development experience using Python • Experience with software frameworks used for searching, monitoring, and analyzing big data such as Splunk and Elastic Stack • Experience with IaC (Infrastructure as Code) principles and automation tools including Ansible • Experience with CI/CD principles, methodologies, and tools such as GitLab CI • Experience with
as AWS, Microsoft Azure, or other cloud platforms. Basic understanding of DevOps tools and platforms such as GitLab, Jenkins, Terraform, and Ansible. Familiarity with monitoring and logging tools like Splunk to identify and escalate system or application-level anomalies. Ability to understand and communicate technical issues to both technical and non-technical users. Strong written and verbal communication skills, with
a sustained commitment to excellence and quality. • The position requires excellent oral and written communication skills. • Position requires time management, prioritization, team building skills. Preferred Additional Skills: • Experience with SPLUNK, NESSUS, Security Center highly desired • Experience with network and information systems at varying classification levels • Familiarity with system architectures, to include WAN/LAN design and maintenance, controlled interfaces, etc.
security engineering and development support throughout the system life cycle. • Perform appropriate continuous monitoring and systems security testing using tools such as Nessus Security Center/ACAS, Trellix, and Splunk Enterprise. • Provide mitigation solutions for identified findings and patching requirements. • Ensure that proposed system changes are reviewed and that implemented system modifications do not adversely impact the security of the
complex systems to diverse stakeholders. IAT Level II certification (Security+ or equivalent) AWS Certified Security Specialty SCS-C02 Preferred Qualifications Experience in the Intelligence Community (IC) or classified environments. Splunk Enterprise Certified Admin Familiarity with infrastructure as code tools (e.g., Terraform, Ansible). Experience implementing zero trust architectures or secure enclave strategies. Additional Skills & Qualifications Would need to be able
or other CI tools; Maven, Gradle or other build tools; Ansible or other IT Automation/software provisioning tools; JIRA, Confluence; * Experience in monitoring/reporting tools such as Splunk, Grafana/Prometheus etc * Experience in Agile practices * Working knowledge of environment monitoring tools such as GCO, NewRelic, Prometheus, Grafana. * Collaboration Skills: Proactive can-do attitude; A creative approach towards
Hemel Hempstead, Hertfordshire, South East, United Kingdom
Walsh Employment
Essential Skills and Experience: Proven experience in a Security Operations Centre (SOC) environment Previous people management or line management experience Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the Mitre Att&ck Framework for detection and threat analysis In-depth understanding of: Client-server applications and multi-tier web environments Relational databases, firewalls, VPNs