Description
Leidos Digital Modernization Sector is seeking an experienced Splunk Engineer , for this highly visible cyber security program supporting Customs and Border Protection (CBP) security operations center (SOC). CBP SOC is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, various cloud environments, security devices, servers and workstations.The CBP SOC is responsible for the overall security of CBP Enterprise-wide information systems, and collects, investigates, and reports any suspected and confirmed security violations.
As a Splunk Engineer, you will support the full system engineering life cycle, including requirements analysis, design, development, implementation, integration, test, and documentation. You will also follow defined best practices and operational workflows.
U.S. Citizenship required with ability to favorably pass a 5-year (BI) Background InvestigationBEFORE you begin work on the program.
What will you do in this role?
Provide overall engineering, and administration in supporting a very large distributed clustered Splunk environment consisting of search heads, indexers, deployers, deployment servers, heavy/universal forwarders, and Splunk Enterprise Security premium apps, spanning security, performance, and operational roles.
Recognize and onboard new data sources into Splunk, building dashboards, searches, reports, etc.
Proficient within a Linux environment, edit and maintain Splunk configuration files and apps.
Familiar with ansible or other automation tools.
As a member of theEnterprise Splunk team, which falls under Cybersecurity Engineering; you will be required to interact with end users to gather requirements, perform troubleshooting, and provide assistance with the creation of Splunk search queries and dashboards.
May be required interact with senior management, as necessary.
These are required qualifications for this role...
A minimum of a Bachelor's degree with 8+ years' experience in the Information Technology arena.
Additional Cyber Security Certifications and experience may be considered in lieu of Bachelor's degree.
A combination of 4+ Years experience in Linux, Splunk, Ansible, app interface development, using REST APIs, or other Cyber technologies.
Ability to followChange & Configuration Management, utilizing automation tools, such as Git.
4+ years of experience in a Splunk roleworking in a Splunk clustered environment, with experience in Splunk premium app management (Enterprise Security, ITSI).
Strong problem-solving abilities with an analytic and qualitative eye for reasoning under pressure.
Self-starter with the ability to independently prioritize and complete multiple tasks with little to no supervision.
Knowledge of Cloud Services such as AWS, Office365.
Understanding and usage of Regex.
Experience with scripting languages, such as Python, Bash, Visual Basic or PowerShell.
Understanding basic networking principles or Enterprise network design.
Possess baseline security certification to meet DoD 8570 at IAT II requirements, such as Security +.
Must have a current or be able to favorably pass a 5-year (BI) Background Investigation to join this program.
Must have at least one of the following certifications:
Splunk Enterprise Security Certified Admin
Splunk IT Service Intelligence Certified Admin
Splunk Cloud Certified Admin
Splunk SOAR Certified Automation Developer
Splunk Certified Developer
Splunk Enterprise Certified Admin
Splunk Enterprise Certified Architect
Splunk Core Certified Consultant
These are preferred qualifications for this role...
Prior experience in Splunk professional services role.
Possess certifications in Splunk premium app, such as Enterprise Security, ITSI, UBA.
Splunk Certified Developer certification.
Experience in automating Splunk Deployments and orchestration within a Cloud environment.
Experience with FISMA Systems requirements.
Experience with Confluence, JIRA, ServiceNow.
Cribl CCOE User certification.
Original Posting Date:
2024-09-20
While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range:
Pay Range $101,400.00 - $183,300.00
The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
REQNUMBER: R-00144312
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. Leidos will consider qualified applicants with criminal histories for employment in accordance with relevant Laws. Leidos is an equal opportunity employer/disability/vet.