Bossier City, Louisiana, USA
44 days ago
Splunk Engineer

Own your career as a Splunk Engineer at GDIT. Here, you’ll have the opportunity to build strong lines of cyber defense using cutting-edge technologies. Your work in cyber security at GDIT will have an impact on securing our clients’ missions and ensuring we anticipate the threats of tomorrow.

At GDIT, people are our differentiator. As Splunk Engineer, you will help ensure today is safe and tomorrow is smarter. Our work depends on a Splunk Engineer joining our team to provide technical expertise in support of Cyber innovation.

HOW A SPLUNK ENGINEER ADVISOR WILL MAKE AN IMPACT:

Support ongoing OMB M-21-31 effortsMaturing Splunk Data Lake under CIM Compliance ModelPrioritizing data sourcesIdentifying parsing and tagging issuesWorking with our Splunk Core administrator team to fix the parsing and tagging issuesUpdating CIM data modelsWorking with our Threat Intelligence team to add signatures and detections in Splunk Enterprise Security's Threat Intelligence FrameworkWorking with our Incident Response teamCreating and tuning detections for attacks and vulnerabilities in Splunk Enterprise SecurityFixing issues with the data in Splunk, such as missing fields or missing data typesAssist our IR team with search queriesCreating scripts to automate tasksUsing Splunk SOAR to create and improve existing automation use cases/playbooksConfiguring and maintaining the Splunk Enterprise Security Asset and Identity FrameworkIdentifying sources for asset dataIdentifying sources for asset location and ownership informationOptimizing and Tuning Splunk UBAAssisting Splunk users with creating queries, reports and dashboards

WHAT YOU’LL NEED TO SUCCEED:

BA/BS and 8+ years of relevant experience or equivalent years of experience2+ years of Splunk Administration experienceActive Splunk Enterprise Security Admin and Splunk Advanced Power User certificationsSecurity+/GSEC/CASP/CISSP/Cloud or equivalent 8570 Cyber Security CertificationAbility to manage long term projectsProactively identify and correct problemsWriting documentation and SOPsWorking with vendor support to resolve issuesAbility to work with other teams at the EPA, such as firewall, networking and vulnerability management teamsMust possess or be able to obtain and maintain Public TrustUS Citizenship required

NICE TO HAVES:

Previous experience at the EPABasic knowledge about incident response, threat intelligence and vulnerability managementFamiliar with SCCMFamiliar with Microsoft DefenderFamiliar with asset management, Xacta, FISMA systems, ADC processAbility to write scrips in PowerShell and PaythonExisting EPA privileged account

GDIT IS YOUR PLACE:

Full-flex work week to own your priorities at work and at home401K with company matchComprehensive health and wellness packagesInternal mobility team dedicated to helping you own your careerProfessional growth opportunities including paid education and certificationsCutting-edge technology you can learn fromRest and recharge with paid vacation and holidays
Confirm your E-mail: Send Email