Booz Allen Hamilton

Splunk Cybersecurity Engineer Job at Booz Allen Hamilton in Washington

Booz Allen Hamilton, Washington, DC, US, 20022

Overview

Your growth matters to us - explore our career development opportunities.
BE EMPOWERED TO SUCCEED: Connect with others in our people-first culture and enhance our collective ingenuity.
SUPPORT YOUR WELLBEING: Learn how we’ll support you as you pursue a balanced, fulfilling life.
YOUR CANDIDATE JOURNEY: Discover what to expect during your journey as a candidate with us.

The Opportunity

Warnings about cyber threats are everywhere, and the evolving nature of these threats can make understanding them seem overwhelming to the intelligence community. In this cyber landscape, your work as a cybersecurity engineer will break down complex threats into manageable plans of action. You will work with an expert team focused on implementing and operating next-generation security solutions for government and commercial clients.

You’ll use Splunk and integrate it with tools like HBSS, Enterprise Security Manager (ESM), Network Security Manager (NSM), NetFlow, and Intrusion Detection Systems (IDS) to monitor, detect, and analyze threats. You’ll perform hands-on evaluation, implementation, and operation of leading security cyber defense tools and technologies and apply defense strategies for large, complex networks to rapidly identify vulnerabilities and threats and prioritize response actions, including developing effective countermeasures. You’ll support risk management and security compliance of specified cybersecurity tools and apply thought leadership to solving complex security challenges in a collaborative and innovative environment.

On our team, you will architect, develop, and operationalize software solutions and systems that perform cyber data analytics at scale across technology platforms. You’ll contribute to developing solutions to problems of moderate scope and complexity, delivering data management outcomes for the security analytics platform with attention to data architecture, design, storage, database technology, efficient data flows, mappings, and scripting or software development. You’ll develop and deploy tools and services that simplify discovering, connecting, transferring, storing, and hosting data to empower cyber teams, while supporting data governance and governance rules.

Join us. The world can’t wait.

You Have

3+ years of experience utilizing Splunk Enterprise
Experience deploying, configuring, and performing functional testing and data validation in a Splunk environment
Experience performing systems administration with Splunk, including installation, configuration, monitoring performance and availability, upgrades, and troubleshooting in Windows and Linux Server environments
Experience creating custom dashboards, writing queries, generating reports, and setting up alerts and notifications
Experience with DoD Risk Management Framework
Active TS/SCI clearance; willingness to take a polygraph exam
Associate’s degree and 5+ years of experience supporting IT projects and activities, Bachelor’s degree and 3+ years of experience, or Master’s degree and 1+ years of experience
DoD 8570.01-M Information Assurance Technician (IAT) Level II Certification, including Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND Certification
Ability to obtain a DoD 8570.01-M Cybersecurity Service Provider - Infrastructure Support Certification (e.g., CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND) within 30 days of start date

Nice If You Have

Experience with fields abstraction
Experience with data modeling using Splunk
Experience with workflows and drilldown queries
Experience administering Splunk in distributed deployments
Experience with site surveys, data gathering, and research and analysis regarding deploying and implementing security tools
Experience with DevSecOps and Elasticsearch, Logstash, & Kibana (ELK)
Ability to ingest and parse logs within Splunk
Excellent verbal and written communication skills, including presenting complex ideas to clients and internal staff
Excellent problem-solving skills
Advanced Splunk Certification such as Splunk Certified Power User Certification

Clearance

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.

Compensation

At Booz Allen, we celebrate your contributions, provide opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and demonstrates our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen’s benefit programs. The compensation range for this position is $77,600.00 to $176,000.00 (annualized USD). This posting will close within 90 days from the Posting Date.

Identity Statement

As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.

Work Model

Our people-first culture prioritizes flexibility and collaboration, whether in person or remote. If listed as remote or hybrid, you’ll periodically work from Booz Allen or client sites. If listed as onsite, you’ll work with colleagues and clients in person, as needed.

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to disability, veteran status, or any other status protected by applicable law.