Jacobs Splunk Engineer in Columbia, Maryland
This is an opportunity to work hand-in-hand with the customer on an exciting and dynamic program. The team provides a full suite of cutting-edge, industry-leading solutions and hands-on support with designing, implementing, managing, and sustaining operations on a multitude of different network environments. We provide an environment that fosters and supports innovation and outside-the-box thinking to solve complex problems. There are several training opportunities for team members who want to learn new technologies and stay current with their technical skillset. We are a highly technical group and nurture growth, with a technical culture of cross-trained teammates with opportunities to develop additional skillsets.
The Splunk Engineer works with the customer to determine log management and SIEM needs and to evaluate existing systems for improvements, gaps, and next-generation architecture and design. The Engineer designs and deploys new systems and upgrades existing systems as needed to meet customer needs and protect systems from emerging threats. The Splunk Engineer will identify gaps in malicious activity detection capabilities, create new signatures/rules to improve detection of malicious activity, and test and tune existing signatures/rules to ensure a low rate of false positives. The Splunk Engineer will assist in playbook development for alert triage and Incident Response, and define and implement alert and threat detection metrics, statistics, and analytics. The Engineer will recommend new tools/technologies to improve network visibility, support Incident Response and Forensic operations as required, to include static/dynamic malware analysis and reverse engineering, and author and maintain scripts for threat detection and automation.
The Splunk Engineer will have direct hands-on experience with tools such as Logstash, Podman, Docker, Splunk, Corelight, Security Onion, Windows Operating System, and Red Hat Enterprise License.
This position is a true “hands-on-keyboard” role in which you will be required, both independently and as part of a broader team, to install, configure, and maintain Splunk and other SOC-related applications.
Here’s What You’ll Need:
4+ years of experience working as an information security engineer or within a SOC
Required IAT Certs: one or more of the following: CASP+, CISA, CISSP, GCIH, CEH, GIAC, GCIA, CCNP-Security
Required Vendor Cert: Splunk, Microsoft, Cisco, Linux, or any other related vendor certification
Jacobs is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, religion, creed, color, national origin, ancestry, sex (including pregnancy, childbirth, breastfeeding, or medical conditions related to pregnancy, childbirth, or breastfeeding), age, medical condition, marital or domestic partner status, sexual orientation, gender, gender identity, gender expression and transgender status, mental disability or physical disability, genetic information, military or veteran status, citizenship, low-income status or any other status or characteristic protected by applicable law. Learn more about your rights under Federal EEO laws and supplemental language.