Leidos
Description
Are you ready to turn your skills into real-world impact? Join
Leidos
as a
Splunk Security Engineer
in Suitland, MD and be at the forefront of mission-critical cybersecurity. From defending networks to building scalable automation, your work will shape the response and resilience of national operations.
What You'll Do
As a core member of our security engineering team, you will:
Develop, maintain, and execute
automated SOAR playbooks
that interact across systems and devices
Analyze log events, correlate data across multiple sources, and enhance threat detection and response workflows
Using SOAR connectors, design integrations between
Splunk SOAR
and standard DoD products such as Trellix ePO, Tanium, Cisco (FirePower, ISE, Email Gateways, AMP, switch/routers), Palo Alto Firewalls, Microsoft Active Directory, DNS, Exchange, SharePoint, IIS, SQL, Apache, Tomcat, RSA SecurID, Tenable.SC and Nessus, VMWare vCenter/ESXi, ServiceNow, Azure and AWS, NetApp, Windows and Linux. Connectors may use APIs, tokens, or service accounts, so understanding these options is important
Configure and manage
Splunk Enterprise Security
, including maintaining CIM compliance, Risk-Based Alerting (RBA), ticketing, and SIEM integrations
Update and configure new Enterprise Security Content Updates when released.
Lead the full lifecycle of automation - from concept through deployment to documentation and tuning
Build visual dashboards, reports, and context-aware incident response tools
Support operational readiness, compliance, and proactive detection technologies across endpoint, cloud, network, and email infrastructures
Apply patches and upgrades to Splunk SOAR and connectors
Maintain existing/create new fleet of Development VMs (Windows, Linux) that allow you to test and demonstrate playbook functionality
Fully test and document playbook execution in the Development environment and be authoritative on presentation of playbook examples to new teams targeted for integration
What You'll Bring
Required:
Active DoD TS/SCI clearance
Bachelor's degree and 8+ years of experience or Master's and 6+ years. Additional experience, training, or certifications may be considered in lieu of a degree.
Current
IAT Level II certification
(e.g., Security+ CE) or the ability to obtain within 30 days
5+ years in Splunk SOAR/Phantom: playbook development, troubleshooting, and integrations
Deep expertise in
Splunk Administration
, security event analysis, and Python-based automation
Strong working knowledge of cross-platform integrations and security tool APIs
Experience with process improvement in fast-moving security environments
Preferred:
IAT Level III certification
(e.g., CISSP)
Splunk Certified Enterprise Security Administrator
Proficiency in standard DoD Security and Operational products such as Active Directory, DNS, FWs (packet flows), Email, ACAS, Trellix/Tanium, Splunk, STIGs, Windows/Linux and the standard services associated with these operating systems and products
Technical writing skills for SOPs and integration documentation
Completion of
Splunk SOAR training courses
Experience with
MITRE ATT&CK
integration and SOC-level triage workflows
Why You'll Love Working Here
Mission-Focused
: Your skills will directly strengthen national security operations
Innovation-Driven
: Get hands-on with advanced automation tools and frameworks
Growth-Oriented
: Access certifications, trainings, and cutting-edge technical challenges
Team-Centric
: Collaborate with passionate experts across cybersecurity, engineering, and intelligence
Ready to Elevate Your Impact?
Apply now and become a driving force behind modern defense operations at Leidos.
NITESONI
EIO2024
Original Posting:
July 10, 2025
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range:
Pay Range $104,650.00 - $189,175.00
The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
REQNUMBER: R-00162447
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. Leidos will consider qualified applicants with criminal histories for employment in accordance with relevant Laws. Leidos is an equal opportunity employer/disability/vet.
Are you ready to turn your skills into real-world impact? Join
Leidos
as a
Splunk Security Engineer
in Suitland, MD and be at the forefront of mission-critical cybersecurity. From defending networks to building scalable automation, your work will shape the response and resilience of national operations.
What You'll Do
As a core member of our security engineering team, you will:
Develop, maintain, and execute
automated SOAR playbooks
that interact across systems and devices
Analyze log events, correlate data across multiple sources, and enhance threat detection and response workflows
Using SOAR connectors, design integrations between
Splunk SOAR
and standard DoD products such as Trellix ePO, Tanium, Cisco (FirePower, ISE, Email Gateways, AMP, switch/routers), Palo Alto Firewalls, Microsoft Active Directory, DNS, Exchange, SharePoint, IIS, SQL, Apache, Tomcat, RSA SecurID, Tenable.SC and Nessus, VMWare vCenter/ESXi, ServiceNow, Azure and AWS, NetApp, Windows and Linux. Connectors may use APIs, tokens, or service accounts, so understanding these options is important
Configure and manage
Splunk Enterprise Security
, including maintaining CIM compliance, Risk-Based Alerting (RBA), ticketing, and SIEM integrations
Update and configure new Enterprise Security Content Updates when released.
Lead the full lifecycle of automation - from concept through deployment to documentation and tuning
Build visual dashboards, reports, and context-aware incident response tools
Support operational readiness, compliance, and proactive detection technologies across endpoint, cloud, network, and email infrastructures
Apply patches and upgrades to Splunk SOAR and connectors
Maintain existing/create new fleet of Development VMs (Windows, Linux) that allow you to test and demonstrate playbook functionality
Fully test and document playbook execution in the Development environment and be authoritative on presentation of playbook examples to new teams targeted for integration
What You'll Bring
Required:
Active DoD TS/SCI clearance
Bachelor's degree and 8+ years of experience or Master's and 6+ years. Additional experience, training, or certifications may be considered in lieu of a degree.
Current
IAT Level II certification
(e.g., Security+ CE) or the ability to obtain within 30 days
5+ years in Splunk SOAR/Phantom: playbook development, troubleshooting, and integrations
Deep expertise in
Splunk Administration
, security event analysis, and Python-based automation
Strong working knowledge of cross-platform integrations and security tool APIs
Experience with process improvement in fast-moving security environments
Preferred:
IAT Level III certification
(e.g., CISSP)
Splunk Certified Enterprise Security Administrator
Proficiency in standard DoD Security and Operational products such as Active Directory, DNS, FWs (packet flows), Email, ACAS, Trellix/Tanium, Splunk, STIGs, Windows/Linux and the standard services associated with these operating systems and products
Technical writing skills for SOPs and integration documentation
Completion of
Splunk SOAR training courses
Experience with
MITRE ATT&CK
integration and SOC-level triage workflows
Why You'll Love Working Here
Mission-Focused
: Your skills will directly strengthen national security operations
Innovation-Driven
: Get hands-on with advanced automation tools and frameworks
Growth-Oriented
: Access certifications, trainings, and cutting-edge technical challenges
Team-Centric
: Collaborate with passionate experts across cybersecurity, engineering, and intelligence
Ready to Elevate Your Impact?
Apply now and become a driving force behind modern defense operations at Leidos.
NITESONI
EIO2024
Original Posting:
July 10, 2025
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range:
Pay Range $104,650.00 - $189,175.00
The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
REQNUMBER: R-00162447
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. Leidos will consider qualified applicants with criminal histories for employment in accordance with relevant Laws. Leidos is an equal opportunity employer/disability/vet.