NorthHill Technology Resources has a need for a Splunk Engineer to support a newly awarded Federal Program with DIA. Qualified candidates must have an active TS/SCI with CI Poly. This role can be located in Sterling, VA, Annapolis Junction, MD, Colorado Springs or Bossier City, LA.
The role primarily entails hands on technical product design and deployment specifically for building and managing SIEM platforms like Splunk Enterprise, Splunk User Behavior Analytics, Splunk Phantom, Splunk Enterprise Security.
The qualified candidate must possess the following engineering skills and experience supporting a large and complex federal organization:
- Engineer, implement and administer Splunk Enterprise, Splunk Enterprise Security, Splunk UBA and Splunk Phantom in public cloud and on-premise datacenters
- Analyze, design, build & support Splunk Multi-Cluster Architecture.
- Proficiency developing log ingestion and aggregation strategies
- On-board new data sources into Splunk, analyze the data for anomalies and trends and build dashboards highlighting the key trends of the data. product architecture, engineering and roadmap & Infrastructure Services for platforms supported by Security Analytics team Perform integration activities to connect with 3rd party software.
- Assist the content engineering team in developing security-focused content for Splunk, including creation of complex threat detection logic and operational dashboards
- Communicate requirements and risks to stakeholders such as Product, Engineering, and Security leadership.
- Work with cross-functional teams to proactively improve on existing integration automation/workflows.
- Maintain up-to-date knowledge of technology standards, industry trends, emerging technologies, and best practices.