
G2IT, LLC. · 4 months ago

Splunk Security Engineer

G2IT is focused on enhancing cybersecurity operations, and they are seeking a Splunk Security Engineer to play a key role in this mission. The engineer will be responsible for building and maintaining Splunk SOAR playbooks, configuring Splunk Enterprise Security, and integrating various DoD systems and security tools to improve threat detection and incident response workflows.

Categories: Analytics, Information Technology, IT Infrastructure, Product Design, Software
Tags: No H1B sponsorship; Security Clearance Required

Responsibilities

Develop, maintain, and execute automated SOAR playbooks across multiple systems and devices
Analyze log events, correlate data, and enhance threat detection and incident response workflows
Design and manage integrations between Splunk SOAR and DoD security platforms (e.g., Trellix ePO, Tanium, Cisco, Palo Alto, Active Directory, Tenable.SC/Nessus, VMware, ServiceNow, Azure, AWS, NetApp, Windows/Linux)
Configure and administer Splunk Enterprise Security (ES), ensuring CIM compliance, Risk-Based Alerting (RBA), ticketing, and SIEM integrations
Apply and validate Enterprise Security Content Updates (ESCU)
Lead the automation lifecycle: concept, deployment, documentation, and tuning
Build dashboards, reports, and response tools for security teams
Ensure compliance, operational readiness, and proactive detection across cloud, endpoint, network, and email infrastructures
Apply patches and upgrades to Splunk SOAR and its connectors
Maintain and expand development/test environments (Windows/Linux) for playbook validation
Fully test and document playbook execution, presenting solutions to stakeholders

Qualification

Skills: Splunk SOAR, Splunk Administration, Python automation, IAT Level II certification, DoD security tools, Process improvement, MITRE ATT&CK familiarity, Technical writing

Required

Active DoD TS/SCI clearance
Bachelor's degree with 8+ years of relevant experience, or Master's with 6+ years (additional experience/certifications may substitute)
Current IAT Level II certification (e.g., Security+ CE) or ability to obtain within 30 days
5+ years of Splunk SOAR/Phantom experience (playbook development, troubleshooting, integrations)
Expertise in Splunk Administration, security event analysis, and Python automation
Strong knowledge of cross-platform integrations and security tool APIs
Proven success in process improvement within dynamic security environments

Preferred

IAT Level III certification (e.g., CISSP)
Splunk Certified Enterprise Security Administrator
Proficiency with DoD security/operational tools (Active Directory, DNS, firewalls, email, ACAS, Trellix/Tanium, Splunk, STIGs, Windows/Linux)
Strong technical writing skills for SOPs and documentation
Completion of Splunk SOAR training courses
Familiarity with MITRE ATT&CK and SOC triage workflows

Company

G2IT, LLC.

G2IT is an 8(a), Woman-Owned Small Business (WOSB) and Economically Disadvantaged Woman-Owned Small Business (EDWOSB), headquartered in Annapolis, Maryland.

Funding

Current Stage
Growth Stage