SOC Splunk Engineer

  • Washington, DC
  • Posted 1 day ago | Updated moments ago

Overview

On Site
USD 55.00 - 60.00 per hour
Contract - W2
Contract - Independent

Skills

Optimization
SPL
SIEM
Collaboration
Use Cases
Intrusion Detection
Splunk
Elasticsearch
Management
Dashboard
Analytical Skill
Computer Networking
Incident Management
Malware Analysis
IDS
Event Management
Network
Routing Protocols
TCP
UDP
ICMP
Border Gateway Protocol
SMTP
DNS
HTTP
DHCP
Active Directory
Linux
OS X
Operating Systems
Communication
Workflow
Research
FireEye
Palo Alto
Microsoft
Regulatory Compliance
Security+
GCIA
GCIH
Scripting
Security Operations
Cloud Security
Amazon Web Services
Microsoft Azure
Computer Science
Cyber Security
Finance
Accounting
Marketing
Legal
Customer Support
Online Training
Artificial Intelligence
Insurance
.NET

Job Details

Description

We are looking for an experienced SOC Splunk Engineer to join our team in Washington D.C. 20220. This role focuses on designing, implementing, and maintaining robust security systems to safeguard sensitive data and ensure compliance with organizational standards. As this is a long-term contract position, you will have the opportunity to contribute to strategic security initiatives while collaborating with cross-functional teams.

Key Responsibilities:
  • Administer Splunk Enterprise Security (ES) infrastructure, including data source configuration, troubleshooting, and optimization.
  • Create dashboards, notable events, visualizations, and actionable content using SPL to aid in security investigation and monitoring.
  • Perform deep-dive investigations on security events, leveraging your expertise in network traffic analysis, endpoint threat detection, and SIEM operations.
  • Analyze and discern security incidents from false positive events, triaging and responding to cyberattacks with effective countermeasures.
  • Collaborate with security teams to develop custom detection use cases, rules, filters, and security content to identify anomalous patterns and emerging threats.
  • Onboard and curate new data sources for Splunk, including troubleshooting to ensure proper data ingestion and alignment.
  • Utilize intrusion detection systems (IDS) and other SOC tools to monitor, detect, and respond to threats.
  • Research and integrate monitoring content for emerging threats, driving improvements in security operations.
  • Support enterprise environments, with hands-on experience troubleshooting event issues and ensuring data availability across tools and workflows.


Requirements

Required Qualifications:
  • 2-5 years of experience in network defense environments.
  • Splunk Admin Certification.
  • Proficiency in Splunk Administration and Enterprise Security (ES), including managing and analyzing data sources and creating content like dashboards and notables.
  • Strong analytical and technical expertise in computer network defense operations, including incident handling, hunting, and malware analysis.
  • Proven ability to identify, triage, and respond to security incidents, including constructing countermeasures.
  • Hands-on experience with common SOC tools, such as IDS, security event management platforms, and endpoint detection tools.
  • Knowledge of network routing protocols (e.g., TCP, UDP, ICMP, BGP, etc.) and common enterprise applications and standards (e.g., SMTP, DNS, HTTP, DHCP, etc.).
  • Working knowledge ofWindows Active Directory, Linux, and OS X operating systems in enterprise environments.
  • Strong communication skills and ability to document, track, and communicate activities within SOC workflows.
  • Experience identifying and implementing mitigating controls for potential threats.

Desired Qualifications:
  • Proficiency in researching emerging threats and developing corresponding security monitoring content.
  • Familiarity with security tools such as FireEye, Palo Alto, and the full Microsoft O365 suite (Compliance Center).
  • Relevant certifications such as Security+, CySA+, GCIA, or GCIH.
  • Experience with scripting or automation to improve security operations.
  • Familiarity with cloud security monitoring in environments like AWS or Azure.

Education:
  • Bachelor's degree (preferred) in Computer Science, Cybersecurity, or related disciplines, or equivalent work experience.


Technology Doesn't Change the World, People Do.

Robert Half is the world's first and largest specialized talent solutions firm that connects highly qualified job seekers to opportunities at great companies. We offer contract, temporary and permanent placement solutions for finance and accounting, technology, marketing and creative, legal, and administrative and customer support roles.

Robert Half works to put you in the best position to succeed. We provide access to top jobs, competitive compensation and benefits, and free online training. Stay on top of every opportunity - whenever you choose - even on the go. Download the Robert Half app and get 1-tap apply, notifications of AI-matched jobs, and much more.

All applicants applying for U.S. job openings must be legally authorized to work in the United States. Benefits are available to contract/temporary professionals, including medical, vision, dental, and life and disability insurance. Hired contract/temporary professionals are also eligible to enroll in our company 401(k) plan. Visit roberthalf.gobenefits.net for more information.

© 2025 Robert Half. An Equal Opportunity Employer. M/F/Disability/Veterans. By clicking "Apply Now," you're agreeing to Robert Half's Terms of Use.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.