Overview
Remote
Hybrid
BASED ON EXPERIENCE
Contract - Independent
Contract - W2
Contract - 7+ mo(s)
Skills
SPLUNK
SIEM
SPLUNK MACHINE LEARNING TOOLKIT
MLTK
SPLUNK SEARCH PROCESSING LANGUAGE
SPL
REGULAR EXPRESSION LANGUAGE
REGEX
LINUX
RED HAT
REDHAT
RHEL
CISSP
SECURITY+
CASP+
CCNP SECURITY
CISA
GCED
GCIH
PUBLIC TRUST
CLEARANCE
FRAMEWORK
MITRE
ATT&CK
OWASP
NIST
SCRIPT
CSS
HTML
JAVASCRIPT
JS
PYTHON
Job Details
PSR Associates is a consulting and talent solutions firm that connects qualified IT professionals with great opportunities. Whether you're looking for a contract or permanent position, we can help you find the right fit for your skills and experience. We have a team of experienced recruiters who know the IT industry inside and out, and we work with you every step of the way to ensure a smooth and successful transition. PSR Connecting Talent, Crafting Success.
Sr. Splunk Engineer (w/Active Public Trust Security Clearance)
REMOTE (East Coast Work Hours)
6+ month contract, likely extension into 2025
As a Senior Splunk Security Engineer, you will be responsible for leading the deployment and maintenance of the Splunk Security Information and Event Management (SIEM) solution within a 24x7x365 Federal Security Operation.
The Splunk Engineer will analyze our client's business requirements / systems / networks and translate those specifications into a SIEM design that provides an efficient and effective SIEM solution within a federal cloud environment. The Senior Splunk Engineer will serve as a lead engineer for Splunk while providing mentorship and guidance for mid-level engineers.
Required Technical and Professional Expertise
- 5+ years of Splunk Engineering / administration experience
- 3+ years of management of Splunk within a Federal environment
- Deep understanding of enterprise environments, specifically cloud-based and hybrid cloud environments.
- Knowledge of security frameworks including MITRE ATT&CK, OWASP, and NIST.
- Hands-on troubleshooting, analysis, and technical expertise to resolve incidents and/or service requests.
- Strong written communication skills and the ability to articulate technical security analysis to a non-technical audience.
- Understanding of possible attack activities such as network reconnaissance probing/scanning, DDoS, malicious code activity, etc.
- Ability to demonstrate Splunk Machine Learning Toolkit (MLTK), Splunk Search Processing Language (SPL), and Regular Expression Language expertise.
- Experience using scripting languages such as CSS, HTML, JavaScript, Python, and shell scripting to automate tasks and manipulate data.
- Intermediate expertise with Red Hat Enterprise Linux (RHEL)
- 1+ years of experience leveraging Splunk or audit logs for incident response and user behavior analytics.
- Experience with security tool data, including Network & Host Firewall, Tenable, Tanium
- CompTIA Security+ Certification
- CISSP Certification or equivalent DoD 8570 Certification
- (DoD 8570/8140 certification required, such as: CASP+ CE, CCNP Security, CISA, CISSP, GCED, GCIH) in required skills.
- Splunk Cloud design, management, implementation, and support.
- Experience with programming is a plus.