Position: Splunk Cyber Security Solutions Engineer/Architect IV
Location: Morrisville, NC; Falls Church, VA; Eagan, MN
Remote considered only for locals
Description:
The Splunk Cyber Security Solutions Engineer/Architect IV will be responsible for implementing dynamic detections and integrating alerting platforms, including but not limited to Tanium, SEP, Microsoft Defender for Endpoint, Sysmon, Microsoft O365 Security Alerting, Analyst1, VDI, VMware, and Linux Audit Logging. The role emphasizes utilizing the advanced Risk-Based Alerting (RBA) security framework. This position also requires tuning and configuring Splunk Core and Splunk Enterprise Security (ES) services, developing use cases in collaboration with CISO end-users, and assisting in creating advanced security use cases.
Responsibilities include gathering requirements, architecting solutions, designing, and building technology to support the Continuous Monitoring Program. The individual will train and host workshops for CISO teams, assist with incident investigations, and provide off-hours and weekend support for systems maintenance.
Required Skills:
- Expertise in Splunk, including use case development, dashboard creation, and data integration.
- Experience with risk-based alerting, advanced analytics, and security frameworks.
- Strong communication, collaboration, and organizational skills.
- Familiarity with SaaS or cloud-hosted Splunk implementations is a plus.
Experience:
- 10+ years in cybersecurity and NIST standards.
- 5+ years of technical writing experience.
Certifications (One or more required):
- CompTIA Security+
- CPTE - Certified Penetration Testing Engineer or CEH - Certified Ethical Hacker
- CISA - Certified Information Systems Auditor
- CISSP, CISSP-ISSEP, CISSP-ISSAP, or CISSP-ISSMP preferred