Splunk Security Engineers - Military veterans preferred

SAIC (www.saic.com)

Full-time employee
District of Columbia
United States
Splunk Security Engineers on our team provide technical leadership to the Information Security team enhancing the PBGC Information Technology Infrastructure. Responsibilities include gathering and analyzing security-specific requirements, identifying gaps in the security architecture and developing solutions to best address any identified gaps, performing root cause analysis on any operational security issue, functioning as an information security risk manager, and serving as a security subject matter expert for PBGC’s operational security program.

  • Bachelor’s degree plus five (5) years of related IT, information security, and/or systems engineering experience, or additional four (4) years in lieu of Bachelor’s degree.

  • All candidates for consideration must be eligible to obtain a US Public Trust security clearance.

  • Significant familiarity with IT infrastructures, including a variety of networks, servers, and databases.

  • Must have 3 years of experience working with SPLUNK.

  • Solid understanding of logging technologies (syslog, Windows and UNIX native logging)

  • Extensive knowledge of a tiered Splunk installation: indexers, forwarders, search heads, clusters

  • Familiar with Splunk architecture and best practices

  • Driving and managing the technology evaluation and integration of add-ons for Splunk.

  • Standardize Splunk forwarder deployment, configuration and maintenance across a variety of platforms

  • Experience creating new data feeds for ingestion

  • Experience using DBX and DBConnect

  • Minimum 2 years demonstrated experience with engineering, deploying, maintaining, and utilizing Splunk

  • Demonstrated expert-level knowledge of Linux systems: ability to create new accounts, assign permissions, install/start/stop services as needed, and maintain configuration using git or a deployment server

  • Demonstrated knowledge of regular expressions, Splunk SPL, syslog, Python, DNS, DHCP, and file storage technologies

  • Experience with eval commands, advanced lookup topics, advanced alert actions, using regex to extract fields, using spath to work with self-referencing data, creating nested macros and macros with event types, and accelerating reports and data models.

  • Knowledge of universal forwarder (UF) and heavy forwarder (HF) installation and configuration of indexers

  • Must have strong communication skills and a solid understanding of IT security concepts, including vulnerability and patch management, security operations, incident management and incident response. The candidate must be able to work with other team members and groups, work with competing priorities, and possess strong customer focus.

  • Background in systems engineering, requirements analysis and synthesis.

  • Operational security & incident response experience with tools such as IDS, Antivirus, Vulnerability Scanners, SIEM.

  • Relevant security certifications (CISSP, CISSP-ISSEP, CISSP-ISSAP, GSEC, etc.), certification and accreditation experience, familiarity with NIST and federal standards such as OMB & FISMA.