Splunk Engineer/Admin

Annapolis Junction, Maryland

System One

Locations: Annapolis Junction, MD; Alexandria, VA; Aurora, CO; San Diego, CA

Clearance Required: TS/SCI with FS Poly (Sienna) (Must have FS Poly within the last 5 years - No CCAs)

Compensation: $150-$200K

Onsite Position

Overview:

We are seeking a Splunk Engineer/Admin to support mission-critical operations in a high-security environment. The ideal candidate will have hands-on experience with Splunk engineering and administration, as well as other security information and event management (SIEM) tools. This role requires expertise in designing, implementing, and optimizing Splunk environments to support auditing, incident response, and system health monitoring.

If you are a SIEM specialist with a deep understanding of network security, data analysis, and log management, we encourage you to apply.

Key Responsibilities:
  • Splunk Administration & Engineering:
      • Design, implement, and support Splunk core components, including indexers, forwarders, search heads, and cluster managers.
      • Configure and administer Splunk ingestion and forwarding for new and existing applications and data sources.
      • Troubleshoot Splunk data flow issues between various core components.
      • Optimize search-time performance, log ingestion, and field extractions.
  • SIEM & Network Security Monitoring:
      • Support monitoring systems for auditing, incident response, and system health.
      • Create custom dashboards and analytics within SIEM tools to improve visibility into security events.
      • Configure and deploy data collection solutions across multiple operating systems and networking platforms.
      • Troubleshoot network security logs and log feed issues from different sources.
  • Collaboration & Agile Development:
      • Work alongside cybersecurity teams to enhance SIEM capabilities and improve incident response workflows.
      • Participate in an Agile development environment, contributing to the continuous improvement of security monitoring solutions.
  • Travel up to 25% of the time (if not located in Maryland).

Required Qualifications:

Security Clearance: TS/SCI w/ FS Poly (Must have FS Poly within the last 5 years - No CCAs)

Experience: 2+ years working with one or more of the following:
  • Splunk, StealthWatch, TripWire, Zenoss, ArcSight

Splunk Expertise:
  • Splunk Certified Admin preferred (or extensive hands-on Splunk experience)
  • Strong knowledge of Splunk architecture, including indexers, forwarders, search heads, and cluster managers
  • Experience troubleshooting Splunk ingestion, forwarding, and data processing

SIEM & Security Monitoring Experience:
  • Experience with incident response workflows in a SIEM environment
  • Understanding of network components, protocols, ports, and security event logging

Technical Troubleshooting Skills:
  • Ability to resolve log feed issues, search-time inefficiencies, and field extractions
  • Strong analytical skills to diagnose data and security event issues

Preferred Qualifications:

Education: Bachelor's Degree in Computer Science, Engineering, Information Assurance, or a related field

Certifications:
  • Splunk Certified Admin (highly preferred)
  • Security+ Certification
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Cyber Threat Intelligence Certification (GCTI)
  • Other cybersecurity certifications or formal SIEM training

Additional Experience:
  • Security Operations Center (SOC) experience
  • Data visualization expertise for improved SIEM dashboarding
  • Experience developing workflows for incident response
  • Agile development experience

Why Join Us?

Mission-Driven Work - Play a key role in national security and cyber defense operations

Career Growth - Gain hands-on experience with cutting-edge SIEM tools

High-Security Environment - Work with classified networks and sensitive security data

Innovative Team - Collaborate with top-tier cybersecurity professionals

Competitive Market Rate - Compensation based on experience and skillset

If you're a Splunk expert looking to make an impact in cybersecurity and network defense, apply today.

Ref: (ALTA IT)

System One, and its subsidiaries including Joulé, ALTA IT Services, CM Access, TPGS, and MOUNTAIN, LTD., are leaders in delivering workforce solutions and integrated services across North America. We help clients get work done more efficiently and economically, without compromising quality. System One not only serves as a valued partner for our clients, but we offer eligible full-time employees health and welfare benefits coverage options including medical, dental, vision, spending accounts, life insurance, voluntary plans, as well as participation in a 401(k) plan.

System One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, age, national origin, disability, family care or medical leave status, genetic information, veteran status, marital status, or any other characteristic protected by applicable federal, state, or local law.

Date Posted: 04 April 2025