Splunk Engineer Jr.

Position Title : Splunk Engineer Jr.

Location : Ashburn, VA

Clearance : TS

We are an employee-centric company that truly appreciates our team members and their value to our customers and the missions they support.

We pride ourselves on being forward-leaning thinkers and fostering teams that are and continue to be technically proficient and technically capable across a comprehensive range of cyber mission areas.

OneZero full-time employees receive an extremely competitive benefits package that includes health / dental / vision / life insurance plans, 401K with company matching, PTO & paid holidays, employee referral program, and educational assistance.

Additional details can be found on our website at :

Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks / wide area networks (LAN / WAN), commercial Internet connection, public facing websites, wireless, mobile / cellular, cloud, security devices, servers and workstations.

The CBP SOC is responsible for the overall security of CBP Enterprise-wide information systems, and collects, investigates and reports any suspected and confirmed security violations.

The DHS CBP SOC Program has a critical need for a Splunk Jr. Engineer. This is a full time funded position based in Ashburn, VA.

The candidate should have experience deploying and configuring Universal Forwarders and possess demonstrable knowledge of data collection methods such as Syslog, JDBC, or API.

This position requires solid experience developing Splunk search queries, and dashboards and reports. Nice to have skills include Unix administration, scripting, understanding of Federal regulatory requirements, and experience using Jira and Confluence.

Must be a US citizen, no clearance required and in addition, must have a current or be able to favorably pass a (BI) Background Investigation to join this program.

Must have experience in the following :

• Splunk Engineering
• Linux and SQL / ODBC interfaces
• App interface development, using REST API's
• Previous project management experience.
• ITIL Change & Configuration Management
• Experience with Ansible and GIT

The candidate should be familiar with recognizing and onboarding new data sources into Splunk, analyzing the data for anomalies and trends, and building dashboards highlighting the key trends of the data.

The Splunk engineer should be familiar with a Linux environment, editing and maintaining Splunk configuration files and apps.

The Splunk engineer will work with other Cybersecurity Engineering team members and will be required to interact with end users to gather requirements, perform troubleshooting, and provide assistance with the creation of Splunk search queries and dashboards.

The Splunk engineer will be required interact with senior management, as necessary.

Must have one of the following J3 Certifications

CompTIA Advanced Security Practitioner (CASP)

CompTIA Security+

GCIH - Incident Handler

GCWN - Windows Security Administrator

GISF - Security Fundamentals

GSSP - Secure Software Programmer

GICSP -Cyber Security Professional

GSSP - Secure Software Programmer

SEI (Software Engineering Institute)

CCSP - Certified Cloud Security Professional

CISSP - Certified Information Systems Security

CSSLP - Certified Secure Software Lifecycle Professional

SSCP - Systems Security Certified Practitioner

CCNP

CCNP Security

CCIE Security

CEH - Certified Ethical Hacker

ENSA - EC-Council Network Security Administrator

ECSP - EC-Council Certified Secure Programmer

MCSE - Microsoft Certified Solutions Expert (Server)

RHCA

RHCE

VCA (Certified Associate)

VCP (Certified Professional)

VCAP (Certified Advanced Professional)

VCIX (Implementation Expert)

VCDX (Certified Design Expert)

Converged Infrastructure Specialist

Certified Implementation Engineer Specialist

Certified Data Administrator Professional

Certified Storage Associate

Certified Splunk Architect

Job Posted by ApplicantPro