SAIC has an opening for a Splunk Engineer. This position is 100% remote and can be worked nationwide.
The Cybersecurity Senior Specialist, Splunk Engineer position is responsible for duties around supporting the tools and technologies that are owned and operated by the Enterprise Security Operations Center (ESOC). The Splunk Engineer will support other organizations within the company delivering solutions for data-driven challenges that enable the company.
The individual should be knowledgeable on a number of security technologies, have a solid understanding of information security and networking, and have experience interacting with customers. The individual will be able to engage on tasks independently, document and communicate work efforts, and provide technical support.
The position will be responsible for maintaining and tuning the signatures, interfaces, and technical processes to ensure the tools are operational and meet the requirements of Enterprise Security Operations. This position will also be aiding the team in implementing and maturing the Machine Learning and AI features utilized by the ESOC and SAIC. A background in data sciences and machine learning is a plus.
- Install/Configure/Maintain log management/correlation tools and SIEM
- Annually audit correlation rules to ensure relevance and efficiency
- Work with the ESOC to generate new correlation rules
- Create and maintain technical dashboards
- Work at the system level to improve performance and make proposals for improvements
- Train and mentor members of the ESOC on SIEM capabilities and utilization
- Develop appropriate metrics to measure the monitoring program and related process as directed by management
- Document procedures for data ingestion
- Document and maintain access controls to ensure compliance and governance of data access
- Work with the business line to ensure that applications/dashboards meet business needs
- Creating and implementing configuration standards, policies, and/or procedures for improved operations and management.
- Resolving incidents and/or other issues, while integrating with change management processes.
- Develop scripts and code to integrate with security tools
- Interface with analysts to ensure that the tools are meeting requirements
- Work with MLTK and DLTK
- Experience with Linux and Windows platforms required
- Understanding of network technologies, workflows, IT reporting, etc.
- Understanding of Data Science and Machine Learning/AI technologies and capabilities
- Experience working with Machine Learning/AI
- Strong written communication skills.
- Strong verbal communication skills.
- Works well with the team and clients.
Required Education: Bachelor's and five (5) years or more experience; Master's and three (3) years or more experience; PhD and 0 years related experience.
- 2+ years cybersecurity operation related experience or 2+ years software analyst/programming related experience.
- Must be able to obtain the Splunk Core Certified Admin Certification within the first 6 months of employment.
- 4+ years cybersecurity operation related experience or 4+ years software analyst/programming related experience.
- Splunk Admin or Architect Level Certifications
Target salary range: $75,001 - $100,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.