ClearanceJobs

Splunk Security Engineer

ClearanceJobs, Suitland

Are you ready to turn your skills into real-world impact? Join Leidos as a Splunk Security Engineer in Suitland, MD and be at the forefront of mission-critical cybersecurity. From defending networks to building scalable automation, your work will shape the response and resilience of national operations.

What You'll Do

  • Develop, maintain, and execute automated SOAR playbooks that interact across systems and devices
  • Analyze log events, correlate data across multiple sources, and enhance threat detection and response workflows
  • Design integrations, using SOAR connectors (apps), between Splunk SOAR and standard DoD products such as Trellix ePO, Tanium, Cisco (Firepower, ISE, Email Security Gateways, AMP, switches/routers), Palo Alto firewalls, Microsoft Active Directory, DNS, Exchange, SharePoint, IIS, SQL Server, Apache, Tomcat, RSA SecurID, Tenable.SC and Nessus, VMware vCenter/ESXi, ServiceNow, Azure and AWS, NetApp, Windows and Linux. Connectors authenticate via APIs, tokens, or service accounts, so understanding these options (and how each credential is stored and scoped) is important
  • Configure and manage Splunk Enterprise Security, including maintaining Common Information Model (CIM) compliance, Risk-Based Alerting (RBA), ticketing, and SIEM integrations
  • Install and configure new Enterprise Security Content Updates (ESCU) as they are released
  • Lead the full lifecycle of automation - from concept through deployment to documentation and tuning
  • Build visual dashboards, reports, and context-aware incident response tools
  • Support operational readiness, compliance, and proactive detection technologies across endpoint, cloud, network, and email infrastructures
  • Apply patches and upgrades to Splunk SOAR and connectors
  • Maintain the existing fleet of development VMs (Windows, Linux), and build new ones, for testing and demonstrating playbook functionality
  • Fully test and document playbook execution in the development environment, and be the authoritative presenter of playbook examples to new teams targeted for integration

What You'll Bring

Required:

  • Active DoD TS/SCI clearance
  • Bachelor's degree and 8+ years of experience or Master's and 6+ years. Additional experience, training, or certifications may be considered in lieu of a degree.
  • Current IAT Level II certification (e.g., Security+ CE) or the ability to obtain within 30 days
  • 5+ years in Splunk SOAR/Phantom: playbook development, troubleshooting, and integrations
  • Deep expertise in Splunk Administration, security event analysis, and Python-based automation
  • Strong working knowledge of cross-platform integrations and security tool APIs
  • Experience with process improvement in fast-moving security environments

Preferred:

  • IAT Level III certification (e.g., CISSP)
  • Splunk Certified Enterprise Security Administrator
  • Proficiency in standard DoD security and operational products such as Active Directory, DNS, firewalls (packet flows), email, ACAS, Trellix/Tanium, Splunk, STIGs, Windows/Linux, and the standard services associated with these operating systems and products
  • Technical writing skills for SOPs and integration documentation
  • Completion of Splunk SOAR training courses
  • Experience with MITRE ATT&CK integration and SOC-level triage workflows

Why You'll Love Working Here

  • Mission-Focused: Your skills will directly strengthen national security operations
  • Innovation-Driven: Get hands-on with advanced automation tools and frameworks
  • Growth-Oriented: Access certifications, trainings, and cutting-edge technical challenges
  • Team-Centric: Collaborate with passionate experts across cybersecurity, engineering, and intelligence

Ready to Elevate Your Impact? Apply now and become a driving force behind modern defense operations at Leidos.