Description A SECURITY CLEARANCE AND POLYGRAPH ARE REQUIRED Support High Performance Computing (HPC) server-class platforms, network devices, server interconnects, mass storage systems and supporting infrastructure services. One of the critical cornerstones of the IT environment is the closely coupled
seamless transitions and optimizing SOC operations to maintain high standards of security monitoring throughout the process. Interested? Apply now! Responsibilities: Support the completion of a health check of the Splunk environment to ensure the foundations are stable and the architecture is designed for future growth. Implement recommendations as agreed with the customer based on their priorities and dependencies. Support SOC … analysts with tuning and suppressing alerts to reach a manageable state. Support SOC analysts with refinement and mapping of 200 use cases. Skills/Must have: Certified and experienced Splunk Core Consultant Certified and experienced Splunk Enterprise Security Admin Experience working in SOCs in the Defence sector Benefits: Outside IR35 Remote Salary: £600 Per Day Outside IR35
Job Responsibilities As a SIEM Engineer (ArcSight & Splunk), you will be: Responsible for design, implementation and support of ArcSight or Splunk core components, including ESM, Loggers, Smart Connectors, Indexers, Forwarders, Search Heads, and Cluster Managers Responsible for configuration and administration of ArcSight or Splunk ingestion and forwarding for new and existing applications and data Responsible for fixing ArcSight or Splunk dataflow … Systems, related field, or equivalent experience. A minimum of 8 years of related cybersecurity experience. A minimum of at least 4 years of proven ability with either ArcSight or Splunk Experience in design, implementation, and support of ArcSight or Splunk core components, including ESM, Loggers, Smart Connectors, Indexers, Forwarders, Search Heads, and Cluster Managers Experience with configuration and administration of … ArcSight or Splunk ingestion and forwarding for new and existing applications and data Experience with fixing ArcSight or Splunk dataflow issues between the various event flow components Experience configuring and deploying data collection for a variety of operating systems and networking platforms Experience creating Dashboards and Analytics within SIEM tools Experience working with monitoring systems supporting auditing, incident response, and
Clearance Level: Top Secret/SCI - Full Scope Polygraph Work Arrangement: On-site Job Location: Annapolis Junction MD Salary: 130K-140K Background Continuously monitor the availability and performance of Splunk, SCCM, Micro Focus, and 1E Identify, analyze, and resolve issues related to these enterprise tools in a timely manner Manage and execute patching activities across the enterprise to address security … maintain comprehensive documentation for monitoring, patching, and performance processes Requirements B.A. + 10 yrs Experience with monitoring tools and performance tuning Proven experience managing and supporting enterprise tools, including Splunk, SCCM, Micro Focus, and 1E Strong knowledge of cloud security principles and best practices Strong problem-solving skills and the ability to troubleshoot complex technical issues Patch management and problem … solving critical thinking Preferred Splunk, SCCM, Micro Focus, DoD 8570, DoD 8570 CE Certification and CompTIA Security+ CE Experience with scripting and automation (e.g., PowerShell) and mission accomplishment
program, providing monitoring and analysis (M&A) capabilities for the enterprise security program. Develops and implements the enterprise Security Information and Event Monitoring (SIEM) strategy and tool implementation via Splunk, designing data flow diagrams and alert feed architectures to ensure seamless alert integration and monitors security queues and tool alerts to identify issues in advance. Participates in response activities to … all major enterprise outages. Responsibilities include, but are not limited to: Develop and implement the enterprise Security Information and Event Monitoring (SIEM) strategy and tool implementation via Splunk, design data flow diagrams and alert feed architectures to ensure seamless alert integration Develop and maintain SIEM architecture, including data sources, log management, and alerting mechanisms Configure tools, settings, alerts, and notifications … in Computer Science, Information Technology, Cybersecurity, or a related field 1+ year of experience in cybersecurity with a focus on SIEM engineering and operations Proficiency with SIEM platforms (e.g., Splunk, Swimlane, ArcSight, QRadar, LogRhythm) Strong understanding of network protocols, system logs, and security event correlation Experience in developing and tuning SIEM use cases, correlation rules, and alerts Relevant certifications such
On. Enterprise Provisioning: Configure new Linux systems to meet enterprise baselines and controls, ensuring proper agents and configurations are installed. System Integration: Integrate Linux systems with enterprise tools (ACAS, Splunk, SolarWinds, Backup systems) and maintain patches in a heavily automated manner. Compliance Management: Ensure provisioned Linux systems remain compliant with baseline requirements and enterprise policies, similar to Group Policy in … Washington DC, integrate Linux systems, Windows environment, Active Directory, PKI certificates, Single Sign-On, configure new Linux systems, enterprise baselines, controls, agents, configurations, integrate Linux systems, enterprise tools, ACAS, Splunk, SolarWinds, Backup systems, maintain patches, automated manner, ensure compliance, baseline requirements, enterprise policies, Group Policy, develop operating system lifecycle plan, DoD STIGs, security standards, centralized alerting systems, log management systems … Savings Plan (401K), Linux systems integration, Windows environment integration, Active Directory integration, PKI certificates, Single Sign-On, enterprise baselines, enterprise controls, agent installation, configuration management, enterprise tool integration, ACAS, Splunk, SolarWinds, Backup systems, patch management, automated patching, compliance management, baseline requirements, enterprise policies, Group Policy, operating system lifecycle plan, DoD STIGs, security standards, centralized alerting systems, log management systems, Top
and information systems from cyber threats. Responsibilities include, but are not limited to: Develop and implement the enterprise Security Information and Event Monitoring (SIEM) strategy and tool implementation via Splunk, design data flow diagrams and alert feed architectures to ensure seamless alert integration Develop and maintain SIEM architecture, including data sources, log management, and alerting mechanisms Configure tools, settings, alerts … in cybersecurity with a focus on SIEM engineering and operations A bachelor's degree in computer science, information technology, cybersecurity, or a related field Proficiency with SIEM platforms (e.g., Splunk, Swimlane, ArcSight, QRadar, LogRhythm) Strong understanding of network protocols, system logs, and security event correlation Experience in developing and tuning SIEM use cases, correlation rules, and alerts Preferred Qualifications: Relevant … certifications, such as: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH) -OR- SIEM specific certifications (e.g., Splunk Certified Power User) A master's degree Experience working in a government or defense environment (specifically DHS policies and procedures). Knowledge of broader cybersecurity frameworks (e.g., NIST, ISO 27001) Clearance Requirements: Must have a current
Required: • Experience with Linux/Redhat v8/v9 • Advanced Experience in Splunk (Frontend & Backend) • Experience in the buildout and sustainment of Splunk • Experience in writing Python scripts • Experience in ETL • Ability to apply systems engineering principles • Experience with data analysis and knowledge of data processing • IAT Level 2 Certification Desired: • Experience working with MongoDB • Relational databases (MySQL, Postgres
Region/DC Metropolitan area WORK SCHEDULE/HOURS: 40 hrs/week JOB DUTIES: Create and maintain dashboards and reports for all necessary cybersecurity functions utilizing CDM dashboard, Splunk, Crystal Reports, PowerBI or other authorized platforms. Create a draft and final cybersecurity report by coordinating, consolidating and collecting the data and reports from multiple sources (for example, SERR, Cyber
security. Whether you're an experienced analyst or an ambitious junior ready to move up, this is your opportunity to work with leading SIEM platforms like Microsoft Sentinel and Splunk in a dynamic, threat-rich environment that never stands still. What You'll Be Doing Monitoring and triaging alerts across secure environments Investigating complex threats using logs, network traffic, and … attackers by integrating evolving threat intel What We're Looking For Proven hands-on experience in a SOC environment Strong working knowledge of SIEM tools, especially Microsoft Sentinel or Splunk Solid understanding of core network protocols and modern security architecture DV clearance eligibility (must have lived in the UK for 10+ years) As a SOC analyst you'll be on
application settings, and work alongside other security analysts in event handling and incident response Ability to perform configuration and deployment of vulnerability scanning and network assessment tools, such as Splunk, Elastic, or Microsoft Sentinel Ability to perform as a focal point for the incident response and be responsible for communicating with other stakeholders TS/SCI clearance Bachelor's degree … GICS, Cloud+, or PenTest+ Nice If You Have: Experience using Elastic for monitoring and analysis preferred Experience with using endpoint tools to successfully hunt for adversarial behavior Knowledge of Splunk and creating Splunk content, including alerts and dashboards Ability to conduct threat hunting using network and host-based information TS/SCI clearance with a polygraph Bachelor's degree Splunk
busy SOC with a tech-first approach. The team is on the cusp of continued growth, and we are looking for leaders to drive forward. Knowledge of Microsoft Sentinel, Splunk, and MISP Threat Sharing would be a significant advantage. This role is based at our head office in Hemel Hempstead or Farnborough and involves a shift pattern with 12-hour … audiences and improving their content. Updating security incident documentation, including reports, analysis, and mitigation strategies. Qualifications and experience: Experience working in a Security Operations Centre. Managing Microsoft Sentinel and Splunk implementations. Knowledge of the MITRE ATT&CK Framework. Understanding of client-server applications, web applications, databases, firewalls, VPNs, and AntiVirus products. Expertise in log data analysis and intrusion detection systems.
and Network IPS/IDS/HIPS traffic event review, server web log analysis, raw data logs; Ability to communicate clearly both orally and in writing. Working experience with Splunk SIEM. At least three years of experience working at a senior level, performing analytical examination of logs and console events and creating advanced query methods in Splunk or advanced Grep … examining Snort-based IDS events, Pcaps, web server log review, in SIEM environments Education/Certifications: Bachelor's degree in information systems, Computer Science or related field is preferred. Splunk Fundamentals I & II certification. Clearance: Public Trust Compensation: Compensation is unique to each candidate and relative to the skills and experience they bring to the position. The salary range for
equivalent experience). - 1+ years of SOC experience with direct experience in incident handling and response activities. - Knowledge of security tools and the security stack. - Hands-on experience with Splunk SIEM, including at least one year as a cybersecurity or security operations analyst. - Basic understanding of network protocols and packet analysis tools. - Certification: Security+ or equivalent. Splunk Fundamentals I & II
system operators as required for real-time detection, isolation, and resolution of problems. 24/7/365 Operational Support to customers and users in the field Utilize SolarWinds, Splunk, Wireshark (and other monitoring tools) to monitor internal and external hardware, software, network connectivity, and the status of IT infrastructure (utilizing ping, SNMP traps, customer scripts) - and utilizing established TTPs to respond … Required Qualifications 8+ years of directly related experience in IT/Network administration and support. TS/SCI or DoE Q Clearance Experience with monitoring tools such as SolarWinds, Splunk, or Wireshark. Have a working knowledge of critical physical infrastructure (including HVAC, Power, UPS, etc.) that is utilized to support mission operations Desired Qualifications Experience with Linux and Windows system
Support group, you'll play a crucial role in maintaining and optimizing essential enterprise tools while ensuring robust security compliance. The Opportunity: Manage and optimize critical enterprise tools including Splunk, SCCM, Micro Focus, and 1E Lead enterprise-wide patching initiatives to enhance system security and stability Conduct performance analytics to drive continuous improvement of IT services Work Environment: • Day shift … 19+ years of relevant experience with HS/GED OR Bachelor's degree with 14+ years of experience IAT Level 2 certification (CompTIA Security+ CE certification) Proven experience with Splunk, SCCM, Micro Focus, and 1E Strong knowledge of cloud security principles Expertise in patch management and problem-solving Desired: Experience with PowerShell scripting and automation Familiarity with performance tuning and
assessed and improved automation systems for reliability, performance, and scalability to meet evolving security and operational needs. Hands-on experience with security automation and cloud tools such as Sentinel, Splunk SOAR, Palo Alto XSOAR, and platforms like Azure, AWS, and GCP to support SOC and detection engineering efforts.
Birmingham, West Midlands, West Midlands (County), United Kingdom
Spinks
experience in AWS Data Engineering, including tools such as Python, Snowflake & Terraform. Previous experience working with Data Warehousing, Data Lakes or Data Meshes. Experience with logging tools such as Splunk or Elastic. Experience with databases such as NoSQL or SQL. Benefits: Competitive salary Pension scheme, 25 days holiday plus bank holidays Flexible working Other perks like personal wellbeing support and professional
on emerging threats and vulnerabilities. Qualifications: - Bachelor's degree in Computer Science, Engineering, or a related field - 5+ years of technology experience, 3+ in cyber security - Experience with ePO, Splunk, ACAS, WSUS, Active Directory GPOs and STIG/SCAP - Active TS/SCI - Travel as needed
the data ingest pipeline to perform API service development and updates. Shall use the following technologies: Relational Data Stores (e.g., Oracle 21c), NiFi, Kafka, Elastic MapReduce (EMR) Hbase, Elastic, Splunk, Java, Python, and Spring to instrument and update the Data Catalog for data metrics, using Splunk and MySQL. REQUIRED QUALIFICATIONS Requires an active Top Secret/SCI + Poly clearance.
with specialized communications solutions Experience deploying systems Preferred Experience with programming languages such as Python, Java, C/C++, etc. Familiarity with network and log analysis tools, such as Splunk, LogRhythm, Wireshark Exposure to AI/ML technologies to analyze network protocols and communications Experience in VPN setup; reviewing popular services. Also, experience in two-factor authentication Experience in
data and ensure the accuracy and fidelity of technical data including cyber security, IT infrastructure, and networks used to support and develop FISMA and Audit reports. Experience using HBSS, Splunk and other audit log tools; work directly with gov't systems audit SME to ensure audit findings are corrected prior to auditors' reviews. Also, as a functional team member, the
possess a degree Linux system administration background Knowledge of physical and virtual servers (rack/stack, network, build, deploy, etc.) and log aggregation applications Preferred Skills in Elasticsearch/Splunk, Syslog/NxLog, Nagios or other similar monitoring applications Scripting experience (Python/Perl) CompTIA Security+ certification is required
experience (in order to support the underlying operating systems that the KG software runs on) Vine KG Tool Experience and/or the GENOME KG Tool Experience Preferred Qualifications: Splunk Networking to assist in troubleshooting connectivity issues between the KG software and the KGs themselves. SQL Experience Security Clearance Required: TS/SCI with Poly About Avid Technology Professionals Avid