What are the responsibilities and job description for the Splunk Engineer/ Architect (S-NET) position at Waypoint Human Capital?
Position Type: Full-time
Location Type: Onsite
Clearance Required: Active TS w/ SCI eligibility
Waypoint’s client is seeking a Splunk Engineer/ Architect to maintain and enhance the existing Splunk infrastructure in the enterprise. Further projects will involve the implementation of Splunk Enterprise Security (ES) and Security Orchestration, Automation, and Response (SOAR) and other vendor solutions.
Responsibilities:
*Waypoint Human Capital is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender, national origin, age, protected veteran status, or disability status.
Location Type: Onsite
Clearance Required: Active TS w/ SCI eligibility
Waypoint’s client is seeking a Splunk Engineer/ Architect to maintain and enhance the existing Splunk infrastructure in the enterprise. Further projects will involve the implementation of Splunk Enterprise Security (ES) and Security Orchestration, Automation, and Response (SOAR) and other vendor solutions.
Responsibilities:
- Implements, tests, operates advanced software security techniques in compliance with technical reference architecture.
- Performs on-going security testing and code review to improve software security.
- Troubleshoots and debugs issues that arise.
- Provides engineering designs for new software solutions to help mitigate security vulnerabilities.
- Contributes to all levels of architecture and maintains technical documentation.
- Consults team members on secure coding practices. Develops familiarity with new tools and best practices.
- Designing, implementing, and maintaining SIEM and SOAR solutions.
- Design and implement threat detection, automate incident response processes, integration of various security tools with SIEM and SOAR platforms via APIs
- Maintain SIEM applications to collect and aggregate IDS and IPS data from network sensors, raw data from collection agents, firewalls, proxy servers, DLP, antivirus, vulnerability scanner elements, and other security-relevant devices.
- Utilize expertise in Splunk "Search" language, Splunk Dashboards, Reports, Lookup Tables, and Summary Indexes. Build Splunk dashboards that take inputs from various data sources such as application logs / operating system logs / middleware logs / network feeds etc. and identify / highlight anomalous activities on the dashboards by their severity levels.
- Perform troubleshooting and provide assistance with the creation of Splunk search queries and dashboards.
- Proven experience as a Splunk Administrator or similarly named Splunk focused role.
- Strong understanding of Splunk architecture, components, and deployment options.
- Proficiency in Splunk Search Processing Language (SPL) for creating complex search queries and reports.
- Experience with Splunk data ingestion methods, including forwarders, HTTP Event Collector (HEC), and scripted inputs.
- Familiarity with Splunk Enterprise Security (ES), Qumolos, and Splunk SOAR are a plus.
- Solid understanding of IT infrastructure, including networking, operating systems, and security principles.
- Excellent problem-solving skills and attention to detail.
- Strong communication and collaboration abilities.
- 8140/8570 IAT Level III certification required.
- Splunk Architect is desired.
- Splunk Certified Administrator certification desired.
| Education Required | Salary Range |
| Requires 5 to 8 years with BS/BA or 3 to 5 years with MS/MA or 0 to 2 years with PhD. | 150-175K |
*Waypoint Human Capital is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender, national origin, age, protected veteran status, or disability status.
