Peraton

Splunk Back-end Engineer

Peraton, WorkFromHome

BASIC QUALIFICATIONS:

  • Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, Engineering, or related IT field with 5 years of relevant experience; or Master's degree and 3 years’ relevant experience; or high school diploma/equivalent and 9 years’ relevant experience.
  • Minimum 5 years’ hands-on experience administering Splunk Enterprise or Cloud and developing SOAR integrations, including Splunk Enterprise/Cloud forwarders, clustering, and indexer configuration.
  • 5 years’ scripting experience in Python and PowerShell for automation and playbook development.
  • 3 years’ experience with tools such as Splunk Enterprise, Splunk Cloud, Splunk SOAR, Universal & Heavy Forwarders, Python, PowerShell, SOAR runbook frameworks, syslog ingestion, AWS S3/SQS ingest pipelines, Docker (for SOAR apps), Git for configuration management.
  • Must be a US Citizen.

PREFERRED QUALIFICATIONS:

  • Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, Engineering, or related IT field with 6 years of relevant experience; or Master's degree and 4 years’ relevant experience; or high school diploma/equivalent and 10 years’ relevant experience.
  • Proven ability to optimize SPL performance and scale large ingest pipelines.
  • Excellent troubleshooting, documentation, and collaboration skills.
  • In-depth understanding of the CDM program and its phases.
  • Proficiency in Zero Trust principles, including micro-segmentation, least-privilege access, and continuous verification.
  • Expertise in NIST RMF (SP 800-37/SP 800-53).
  • Familiarity with the CASM model for control evaluation.
  • Knowledge of FISMA requirements and reporting processes.
  • Experience with FedRAMP security controls and managing authorization packages.
  • Understanding of DISA STIG and SCAP standards.
  • Ability to map controls to CISA CDM dashboard metrics.

Peraton is seeking a Splunk Back-End Engineer to build, maintain, and optimize our Splunk platform and security workflows. Responsibilities include ensuring reliable data ingestion, platform upgrades, automating incident playbooks, and tuning search performance. Prior FAA experience is highly desirable. This is a remote position with occasional onsite support in Washington, DC, Oklahoma City, OK, or Egg Harbor Township, NJ.

KEY RESPONSIBILITIES:

  • Plan and execute platform upgrades, build configuration artifacts, and remediate vulnerabilities.
  • Manage data ingestion and indexing, onboard new data sources, and validate data quality.
  • Develop and maintain SOAR playbooks for incident response automation.
  • Optimize searches and reporting, create dashboards, and tune SPL queries.
  • Conduct capacity planning and performance tuning.
  • Document procedures, troubleshoot support tickets, and mentor team members.