Sr Splunk Specialist

We are currently seeking a skilled Splunk Specialist who possesses a keen interest in expanding their expertise to encompass Splunk technologies. This role offers an exciting opportunity for individuals eager to delve into the dynamic realm of Splunk Operations and Development while leveraging existing proficiency in technologies across Systems and Cyber.

• Serve as the Lead Splunk Engineer and Analyst.
• Lead and manage the continued deployment, expansion, and day-to-day maintenance and administration of Security Information & Event Management (SIEM) operations.
• Maintain operational proficiency of Splunk servers, forwarders, indexers and search heads.
• Conduct Assessments and support system components according to DISA STIGs, Security Requirements Guides (SRG), and applicable DoD orders and directives
• Build use cases and dashboards depending on requirements.
• Work closely with the Incident Response team on handling incident and problem management for the SIEM infrastructure.
• Facilitate the integration of new data sources into the SIEM.
• Develop detailed security design documentation for component and interface specifications to support system design and development.
• Track, measure and evaluate logging security posture across the enterprise.
• Mentor analysts and engineers on Splunk technologies and components.
• Candidate may also provide general technical cybersecurity support in the areas of vulnerability assessment, risk assessment, network security, and security implementation. Additional general duties include implementation and support for protecting the confidentiality, integrity and availability of sensitive information; providing input into the design of IS contingency plans; and conducting testing and audit log reviews to evaluate the effectiveness of current security measures.

Salary Range: $160,000 - $180,000

Must be a US citizen, possess a DoD Secret clearance . Minimum vetting Tier 5(T5)-Single Scope Background Investigation (SSBI)

• Active DoD 8570 IAT Level 2 or Level 3 certification for compliance, including at least one of the following certifications in good standing: CompTIA CISA+, CompTIA Security, ISC2 CISSP, ISC2 CCSP, or ISC2 SSCP
• Computing Environment Certification

Bachelor's degree and 10+ years of Information Technology or Cybersecurity related experience

• Subject matter expertise in Splunk and Splunk Enterprise Security, with proven experience designing, configuring, deploying, monitoring, and optimizing log management in a distributed, complex enterprise
• Experience delivering Tier-3 cybersecurity support, including resolving critical issues, mentoring junior personnel, and performing post mortem analysis to identify, document, and implement lessons learned within a continuing quality improvement framework
• Comprehensive awareness of IT operations business requirements, with the ability to deliver cyberhardening and cybersecurity requirements while not degrading system availability, functionality, or performance
• Ability to communicate effectively with government and contract leadership, while conveying highly technical concepts to both technical and nontechnical stakeholders
• Capacity to thrive in a complex, fast paced environment with competing demands while delivering consistent, high-quality commitment to mission-critical systems and solutions
• Excellent analytic skills, including qualitative and quantitative data analysis to support and defend data-driven decision-making regarding system threats, vulnerabilities, and risk
• Knowledge of DoD cybersecurity policies, practices, and requirements
• Strong organizational skills

$19.00 - $27.00 per hour

ECS is seeking a Sr Splunk Specialist ( Cyber Security Engineer SME III) to work in Alexandria, VA or Seaside, CA where you will be supporting DMDC. This is a team lead position responsible for overseeing and working directly with a team of Splunk Engineers and Analysts to analyze, triage, and support data transformation initiatives. This role is at the forefront of enhancing our client's security data environment to provide optimal up time of the platform.