Lead SPLUNK Enterprise Security Engineer

Remote VA Leidos


Leidos has an exciting opportunity for a Lead SPLUNK Enterprise Security Engineer with experience working with cloud (AWS) technologies. This position is in support of the Air Force Cloud One Virtual Data Center contract as a systems service provider maintaining and providing Human Resources Systems in a GovCloud (AWS) environment. The Air Force A1 Enclave by Cloud One Program is an existing global, interconnected, virtualized, hybrid IT infrastructure that hosts mission systems, applications, services, and data in support of DoD Services and Agencies. On-call after-hours support may be required for critical systems. The candidate will collaborate with the customer on root cause analysis and corrective actions. This position is 100% remote.

The Lead Splunk Enterprise Security Engineer selected for this position will be part of a team working with Government Stakeholders responsible for the design, planning, management, support, and oversight of the A1 Enclave Cloud One Infrastructure with specific focus on the Splunk and Splunk Enterprise Security implementation. The A1 Enclave SPLUNK team will configure and troubleshoot the Splunk environment and dashboards.

Primary Responsibilities

  • Provide direct Splunk Enterprise security engineering, administration and maintenance support to the Infrastructure as a Service (IaaS) environment.

  • Discover and resolve issues with Splunk servers in the virtual environment.

  • Design new capabilities and enhancements (to include Cloud Migration and Analytics design and development) and create efficiencies within the AWS environments.

  • Develop, update, and sustain the Splunk environment, from backend support to front-end displays, including dashboards and alerting, in support of the A1 DTA Security Operations Center.

  • Maintain Heavy Forwarder, Indexer, and Search Head for 3 environments (Public Facing, PROD IL4, and TDE IL4)

  • Solve complex technical issues related to Splunk connectivity to the environment and log ingestion from over 500 virtual AWS servers

  • Work with team members to deliver DevOps processes and automation and O&S capability.

  • Learn existing system capabilities and work to support the design of the new capabilities and enhancements (to include Cloud Migration and Analytics design and development).

  • Set up administrator and service accounts and troubleshoot issues; create, update, and maintain system documentation; interact with users and evaluate vendor products; maintain a deep understanding of monitoring AWS instances and services

  • Report findings to management with recommendations for resolution.

  • Lead small systems admin/engineering team

Basic Qualifications

  • Bachelor’s Degree and 8-12 years of prior relevant experience (12 years or more of experience and certifications in lieu of degree)

  • Four plus (4+) years of experience utilizing Splunk and Splunk Enterprise Security, creating dashboards for data analysis and reporting

  • Experience with implementing interactive features and drill-down capabilities in Splunk dashboards to enhance user experience and allow for deeper data exploration

  • Deep understanding of Splunk environment, configuration and infrastructure

  • Clearance: Active Secret required at time of hire.

  • Must have Security+ (DoD 8570 series IAT Level II certification) at minimum

  • Must have a Splunk Enterprise Security Certified Administrator certification

Preferred Qualifications

  • Splunk Enterprise Certified Architect

  • Experience interacting with government customers is preferred but not required

  • Experienced with multiple security concepts and methods, such as vulnerability assessments, data classification, privacy assessments, incident response, security policy creation, enterprise security strategies, architectures, and governance

  • Understanding of regulatory requirements and compliance issues affecting clients related to privacy and data protection

  • Strong written and presentational skills; ability to clearly communicate complex messages to a variety of audiences

  • Experience with enterprise architecture and working as part of a cross-functional team to implement solutions

  • Strong interpersonal and communication skills; ability to work in a team environment

  • Ability to work independently with minimal direction; self-starter/self-motivated

  • Experience working in a team environment with the ability to mentor junior team members

  • Agile methodology experience/SAFe/SCRUM/ACP

Pay Range: $97,500.00 – $176,250.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.


To apply for this job please visit itjobpro.com.