Senior Splunk Cyber Security Engineer
Role summary
MANTECH is seeking a Senior Splunk Cyber Security Engineer in Chantilly, VA, to support system accreditation efforts. This role involves creating Body of Evidence documentation, implementing controls, and managing a large Splunk environment. Responsibilities include deploying Splunk add-ons, performing API integrations, documenting deployments, managing forwarders, and overseeing Knowledge Object Management including CIM. The engineer will also recommend and implement cyber defense improvements. A Bachelor's degree or equivalent experience, 5+ years in cyber security, and 3+ years with Splunk Enterprise Security are required, along with experience in Unix/Linux/Windows, accreditation processes, and network documentation. A DoD 8570 IAT Level II or III certification and an active TS/SCI with Polygraph are mandatory.
MANTECH seeks a motivated, career and customer-oriented Senior Splunk Cyber Security Engineer to join our team in Chantilly, VA.
The Senior Splunk Cyber Security Engineer will leverage their strong technical background and knowledge to support the Sponsor’s system accreditation efforts, to include creating Body of Evidence (BOE) documentation, responding to, implementing, and documenting required controls, and completing required tasks and actions.
Responsibilities include but are not limited to:
- Managing the day-to-day operation of a large Splunk environment and troubleshooting new and current data collection issues to ensure system health.
- Deploying and managing all supported and unsupported Splunk Add-ons required for specific data sources and performing integrations via API.
- Delivering comprehensive Splunk deployment documentation to detail specifications, deployment methods, and architectural considerations.
- Designing and deploying forwarders rapidly with centralized configuration management using the Splunk Deployment Server.
- Overseeing Knowledge Object Management, such as Common Information Model (CIM) management and tuning, to ensure data consistency.
- Working with all stakeholders to ensure complete and functioning systems that meet all requirements.
- Recommending, and when approved, implementing process and policy improvements to enhance cyber defense capabilities.
Minimum Qualifications:
- Bachelor’s degree or 4+ additional years of experience in lieu of degree.
- 5+ years of experience in cyber security
- 3+ years of experience with Splunk Enterprise Security
- Experience working with Unix, Linux, and Windows operating systems to drive a security agenda across intertwined systems.
- Experience navigating the Sponsor's accreditation process and ICD 503 requirements.
- Experience with network documentation including security compliance, configuration management, and patching.
- Possession of a DoD 8570 IAT Level II or IAT Level III certification.
Preferred Qualifications:
- Experience with scripting languages such as Bash, Python, or Java, and utilizing various analytical tools.
- Advanced Splunk certifications including Architect, Consultant, or IT Service Intelligence (ITSI) experience.
- Cribl Engineer Certification and experience with security and operational related use cases.
Clearance Requirements:
- An active TS/SCI with Polygraph is required for this position.
Physical Requirements:
- Must be able to remain in a stationary position 50% of the time.
- Needs to occasionally move about inside the office to access file cabinets, office machinery, and other equipment.
- Frequently communicates with co-workers, management, and customers, which may involve delivering presentations.
- Must be able to exchange accurate information in these situations.