Network Designs

Splunk Back End Engineer #1572314

Network Designs, WorkFromHome

About NDi:

Network Designs, Inc. (NDi) is a leading Federal contractor that specializes in designing, developing, and delivering information technology and network solutions for government customers. Founded in 1985, NDi's firmly defined core values have driven all aspects of the business, which have been paramount to our company's success and the establishment of an enjoyable workplace atmosphere. At NDi, we believe that our people are the cornerstone of our success, and we value collaboration, career growth, and winning ideas. Military Veterans Encouraged to Apply.

Job Description:

We're looking for a Splunk Back-End Engineer to build, maintain, and optimize our Splunk platform and security orchestration workflows. You'll ensure reliable data ingestion, perform platform upgrades, automate incident playbooks, and tune search performance to power analytics and reporting solutions.

Requirements:

  • U.S. Citizenship is required.
  • Must be able to obtain a Public Trust clearance.
  • This position is remote with occasional travel to DC, MD, VA, WV, NJ, and OK.

Qualifications and Experience:

  • Bachelor's degree in Computer Science, Cybersecurity, Information Systems, Engineering, or related IT field.
  • Minimum 6 years hands-on experience administering Splunk Enterprise or Cloud and developing SOAR integrations.
  • Expert proficiency with Splunk Enterprise, Splunk Cloud, forwarders, clustering, and indexer configuration.
  • Strong scripting skills in Python and PowerShell for automation and playbook development.
  • Proven ability to optimize SPL performance and scale large ingest pipelines.
  • Excellent troubleshooting, documentation, and collaboration skills.

Preferred Qualifications:

  • In-depth understanding of the Continuous Diagnostics and Mitigation (CDM) program and its phases (vulnerability management, configuration management, identity and access management, and incident response).
  • Proficiency in Zero Trust principles, including micro-segmentation, least-privilege access, and continuous verification of users, devices, and services.
  • Expertise in the NIST Risk Management Framework (RMF) (SP 800-37/SP 800-53), from categorization through monitoring and continuous authorization.
  • Familiarity with the Cybersecurity Assessment and Secure Mission (CASM) model for evaluating control effectiveness and mission impact.
  • Knowledge of Federal Information Security Modernization Act (FISMA) requirements and annual reporting processes.
  • Experience applying FedRAMP security controls for cloud service providers and managing authorization packages (SSP, SAR, POA&M).
  • Understanding of DISA STIG and SCAP standards for system hardening and automated compliance checking.
  • Ability to map organizational controls to CISA CDM dashboard metrics and drive dashboard data integrations.

Responsibilities:

Plan and Execute Platform Upgrades:

  • Roll out Splunk Enterprise and Cloud upgrades; build configuration artifacts and run regression tests.
  • Stabilize upgraded indexers and search heads and remediate vulnerabilities.

Manage Data Ingestion and Indexing:

  • Configure universal and heavy forwarders for Windows and Linux; define inputs, sourcetypes, and volume/retention policies.
  • Onboard new data sources (syslog servers, firewall logs, cloud storage); validate data quality.

Develop and Maintain SOAR Playbooks:

  • Build and tune SOAR runbooks for EDR isolation, script execution, and malware hash evaluation.
  • Automate incident ingest, enrichment, and response via Python and PowerShell scripts.

Optimize searches and reporting:

  • Create and refine saved searches, alerts, summary indexes, and dashboards for security and operations use cases.
  • Tune SPL queries and accelerate dashboard load times under heavy data volumes.

Capacity planning and performance tuning:

  • Monitor cluster health; scale indexers/search heads; adjust clustering and resource allocation.
  • Conduct performance tuning for ingestion pipelines and search concurrency.

Documentation & Support:

  • Author runbooks, architecture diagrams, and user guides for configuration, troubleshooting, and capacity planning.
  • Troubleshoot support tickets and mentor junior team members.

Required Tools & Technologies:

Splunk Enterprise · Splunk Cloud · Splunk SOAR · Universal & Heavy Forwarders · Python · PowerShell · SOAR runbook frameworks · syslog ingestion · AWS S3/SQS ingest pipelines · Docker (for SOAR apps) · Git for configuration management

Compensation and Benefits:

At NDi, we value our team and are committed to retaining top talent by offering competitive benefits and compensation packages. Our employee benefits package includes comprehensive health, dental, vision, pet, and legal insurance. Our corporate benefits include 401(k) retirement matching, paid leave, paid holidays, and health and wellness programs. In addition, we provide employer-paid life and disability insurance, professional development, education benefits, and much more to ensure our team has the resources they need to thrive on and off the job.

Veterans First Commitment:

As a Service-Disabled Veteran-Owned Small Business (SDVOSB), NDi is dedicated to hiring veterans and providing a supportive work environment that honors their service while recognizing the unique skills and experiences they bring to our organization.

Commitment to Diversity:

NDi is an Equal Opportunity Employer. We are committed to creating a diverse environment and are proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran or military status, citizenship, or any other basis prohibited by law in all phases of the employment process and in compliance with applicable federal, state, and local laws and regulations. As a federal government contractor, NDi complies with all applicable affirmative action requirements.

Apply Now: Take advantage of this unique opportunity to join one of the fastest-growing companies in Federal contracting!