What are the responsibilities and job description for the Splunk Core Engineer - TS/SCI w/FS Poly position at Calibrate North?
Job Title: Splunk Core Engineer
Location: Fort Meade, MD
Clearance: Top Secret, Full Scope Polygraph (TS/SCI w/ FSP)
Position Summary
We are seeking a highly skilled Senior Splunk Core Engineer with expertise in Splunk IT Service Intelligence (ITSI) and Enterprise Security (ES) to support cybersecurity operations in a customer environment. The ideal candidate will have extensive experience in Security Operations Center (SOC) functions, SIEM operations, and Defensive Cyber Operations (DCO). This role will be responsible for maintaining, operating, and enhancing Splunk security products, providing technical expertise, and contributing to the customer’s cybersecurity strategy and SOC policies.
Responsibilities
- Operate and maintain Splunk IT Service Intelligence (ITSI) within customer environments.
- Develop, plan, and implement Splunk Security Products to enhance cybersecurity operations.
- Provide technical expertise in SIEM operations, threat hunting (Tier II), and Defensive Cyber Operations (Tier III).
- Support SOC functions, including Tier I alerting, investigations, and ongoing monitoring (O&M) of the Splunk Enterprise Security (ES) platform.
- Analyze and articulate analytical and security practices to improve incident detection, investigation, and response.
- Work with cross-functional teams to develop security best practices and enhance security operations.
- Provide technical consulting and strategic recommendations for improving cybersecurity policies and security postures.
- Develop and implement Splunk dashboards, alerts, and analytics to improve monitoring capabilities.
Requirements
Education & Experience:
- BA/BS in Computer Science, Computer Engineering, Cybersecurity, or equivalent work experience (preferred but not required).
- 8 years of experience in technical consulting, big data analytics, or security operations.
- Prior experience implementing Splunk Security Products is preferred.
- Splunk Core Consultant Certification
- Splunk IT Service Intelligence (ITSI) Accreditation
- Splunk Enterprise Security (ES) Accreditation
- Strong expertise in Splunk ITSI and Enterprise Security (ES).
- Experience with Security Information and Event Management (SIEM) platforms.
- Strong knowledge of SOC operations, threat detection, threat hunting, and incident response.
- Experience with Tier I alerting, Tier II investigations, and Tier III Defensive Cyber Operations (DCO).
- Proficiency in developing Splunk dashboards, custom alerts, and automation.
- Ability to analyze large datasets for security analytics and reporting.
- Experience working in multi-domain and large enterprise environments.
Benefits
- Annual Leave
- United Healthcare Medical Plan Options
- United Healthcare Dental Plan
- United Healthcare Vision Plan
- 401k Plan
- Life Insurance, Short Term Disability (STD) and Long Term Disability (LTD) Plans
- Flexible Spending / Section 125 Plans
- Additional Ancillary Insurance Options