Senior Splunk Engineer

  • SAIC,
  • Oak Ridge, TN
  • 5 hours ago
SAIC
Engineer, Security, Interface, Linux, Windows, IT, Architect
Full Time

Job Description


SAIC has an opening for a Splunk Engineer. This position is 100% remote and can be worked nationwide.

The Cybersecurity Senior Specialist, Splunk Engineer position is responsible for duties around supporting the tools and technologies that are owned and operated by the Enterprise Security Operations Center (ESOC). The Splunk Engineer will support other organizations within the company delivering solutions for data-driven challenges that enable the company.

The individual should be knowledgeable in a number of security technologies, have a solid understanding of information security and networking, and have experience interacting with customers. The individual will be able to engage on tasks independently, document and communicate work efforts, and provide technical support.

The position will be responsible for maintaining and tuning the signatures, interfaces, and technical processes to ensure the tools are operational and meet the requirements of Enterprise Security Operations. This position will also be aiding the team in implementing and maturing the Machine Learning and AI features utilized by the ESOC and SAIC. A background in data sciences and machine learning is a plus.

Job Duties:
  • Install/Configure/Maintain log management/correlation tools and SIEM
  • Annually audit correlation rules to ensure relevance and efficiency
  • Work with the ESOC to generate new correlation rules
  • Create and maintain technical dashboards
  • Work at the system level to improve performance and make proposals for improvements
  • Train and mentor members of the ESOC on SIEM capabilities and utilization
  • Develop appropriate metrics to measure the monitoring program and related processes as directed by management
  • Document procedures for data ingestion
  • Document and maintain access controls to ensure compliance and governance of data access
  • Work with the business line to ensure that applications/dashboards meet business needs
  • Create and implement configuration standards, policies, and/or procedures for improved operations and management
  • Resolve incidents and/or other issues, while integrating with change management processes
  • Develop scripts and code to integrate with security tools
  • Interface with analysts to ensure that the tools are meeting requirements
  • Work with MLTK and DLTK

General:
  • Experience with Linux and Windows platforms required
  • Understanding of network technologies, workflows, IT reporting, etc.
  • Understanding of Data Science and Machine Learning/AI technologies and capabilities
  • Experience working with Machine Learning/AI
  • Strong written communication skills.
  • Strong verbal communication skills.
  • Works well with the team and clients.

Qualifications

Required Education: Bachelor's and five (5) years or more experience; Master's and three (3) years or more experience; PhD and 0 years related experience.

Required Experience:
  • 2+ years cybersecurity operation related experience or 2+ years software analyst/programming related experience.
  • Must be able to obtain the Splunk Core Certified Admin Certification within the first 6 months of employment.
  • Must be a US Citizen.

Preferred Experience:
  • 4+ years cybersecurity operation related experience or 4+ years software analyst/programming related experience.
  • Splunk Admin or Architect Level Certifications


Target salary range: $75,001 - $100,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.




Company Information

Dice Id : 10111346
Position Id : 216182
Originally Posted : 2 months ago
