Job Description

Program Overview

Engineering, integration, and cybersecurity support to design, build, and test enhanced services for the Department of Navy's IT architecture. Offers a wide range of roles, from cybersecurity experts to engineers specializing in systems, networks, software, and data center services.

About The Role

We are seeking a Security Splunk Architect/Engineer to support a Navy enterprise network within the Engineering and Cyber Divisions. The candidate’s primary responsibility is to maintain and enhance the existing Splunk infrastructure in the enterprise. Further projects will involve the implementation of Splunk Enterprise Security (ES) and Security Orchestration, Automation, and Response (SOAR) and other vendor solutions.

• Implements, tests, and operates advanced software security techniques in compliance with technical reference architecture.
• Performs on-going security testing and code review to improve software security.
• Troubleshoots and debugs issues that arise.
• Provides engineering designs for new software solutions to help mitigate security vulnerabilities.
• Contributes to all levels of the architecture and maintains technical documentation.
• Consults team members on secure coding practices. Develops a familiarity with new tools and best practices.
• Designing, implementing, and maintaining SIEM and SOAR solutions.
• Design and implement threat detection, automate incident response processes, integration of various security tools with SIEM and SOAR platforms via APIs
• Maintain SIEM applications to collect and aggregate IDS and IPS data from network sensors, raw data from collection agents, firewalls, proxy servers, DLP, antivirus, vulnerability scanner elements, and other security-relevant devices.
• Utilize expertise in Splunk "Search" language, Splunk Dashboards, Reports, Lookup Tables, and Summary Indexes. Build Splunk dashboards that take inputs from various data sources such as application logs / operating system logs / middleware logs / network feeds etc. and identify / highlight anomalous activities on the dashboards by their severity levels.
• Perform troubleshooting and provide assistance with the creation of Splunk search queries and dashboards.

Qualifications

Requirements:

• Bachelor's degree and 12 years of relevant experience, Masters degree and 10 years, or a PhD and 7 years.  Equivalent four years of work experience can substitute for a degree.
• Proven experience as a Splunk Administrator or similarly named Splunk focused role.
• Strong understanding of Splunk architecture, components, and deployment options.
• Proficiency in Splunk Search Processing Language (SPL) for creating complex search queries and reports.
• Experience with Splunk data ingestion methods, including forwarders, Event Collector (HEC), and scripted inputs.
• Familiarity with Splunk Enterprise Security (ES), Qumolos, and Splunk SOAR is a plus.
• Solid understanding of IT infrastructure, including networking, operating systems, and security principles.
• Excellent problem-solving skills and attention to detail.
• Strong communication and collaboration abilities.
• 8140/8570 IAT Level III certification required.

Clearance: 

• TS/SCI Required

Certifications:

• Splunk Architect is desired.
• Splunk Certified Administrator certification desired.

Benefits:

Peraton offers enhanced benefits to employees working on this critical National Security program, which include heavily subsidized employee benefits coverage for you and your dependents, 25 days of PTO accrued annually up to a generous PTO cap and eligibility to participate in an attractive bonus plan.

SCA / Union / Intern Rate or Range

Details

Target Salary Range: $135,000 - $216,000. This represents the typical salary range for this position based on experience and other factors.

EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.

Job Tags

Similar Jobs