Cyber Security Analyst IV (Splunk SIEM Engineering & Development) jobs in United States

OSC Technical Solutions · 1 month ago

Cyber Security Analyst IV (Splunk SIEM Engineering & Development)

OSC Technical Solutions is seeking a Cyber Security Analyst IV who will serve as a technical authority for SIEM architecture, development, and automation. The role focuses on building advanced correlation rules and dashboards to enhance the detection and response capabilities against cybersecurity threats while collaborating with various stakeholders.

Information Technology & Services
No H1B · Security Clearance Required · U.S. Citizen Only

Responsibilities

Design, develop and maintain advanced dashboards, correlation searches and reports that deliver actionable visibility into security events and risks
Engineer scalable data ingestion pipelines, optimize search performance and maintain Common Information Model (CIM) compliance
Onboard, parse and normalize log data from diverse security tools, endpoints and cloud environments
Develop scripts and playbooks leveraging SOAR capabilities to streamline response processes and improve operational efficiency
Partner with SOC, IR and infrastructure teams to understand mission needs and deliver tailored Splunk solutions
Conduct platform health checks, capacity planning and tuning to maintain high performance and reliability
Develop and maintain detailed technical documentation for Splunk configurations, workflows and integrations
Ensure all Splunk engineering and development efforts adhere to FISMA, NIST SP 800-53 and other applicable federal cybersecurity guidelines
Provide guidance and mentorship to junior analysts, fostering skill growth and consistent engineering practices
Stay current with emerging Splunk features, industry trends and threat intelligence to inform proactive enhancements
Perform other duties as appropriate and as assigned

Qualification

Splunk Search Processing Language, SIEM architecture, Data onboarding, NIST SP 800-53, Cloud security, MITRE ATT&CK framework, Splunk certifications, Python scripting, SOAR platforms, Microsoft Office proficiency, Interpersonal skills, Organizational skills, Problem-solving skills, Communication skills

Required

Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or related field and at least eight (8) years of progressive experience in IT or cybersecurity, including at least five (5) years specializing in Splunk Enterprise and Splunk ES engineering, or an equivalent combination of education, experience and training
Ability to pass a background and drug screening
Must have identification compliant with the Real ID Act at time of hire
Must be able to obtain Department of Energy access badge
Must be able to obtain and maintain a U.S. government security clearance
Advanced proficiency with Splunk Search Processing Language (SPL) for complex queries, correlation logic and dashboard development
Strong understanding of SIEM architecture, event correlation and threat-detection methodologies
Proven experience with data onboarding, field extractions and CIM compliance
Familiarity with federal cybersecurity frameworks such as NIST SP 800-53 and FISMA
Knowledge of cloud security and integrating logs from AWS or Azure
Understanding of the MITRE ATT&CK framework and its application within SIEM use cases
Demonstrated ability to design and implement security controls aligned with federal standards
Good interpersonal skills: ability to work effectively and cooperatively with all levels of management and staff, affiliated-company employees as well as outside business associates; exhibits a professional manner in dealing with others
Superior organizational, follow-up and detail-oriented skills
Strong ability to analyze documents and categorize appropriately
Ability to maintain accurate records
Work independently, as well as on a team and with minimal supervision
Make decisions, solve problems and exercise excellent judgment
Work well under pressure and independently prioritize workload, while working on multiple projects
Ability to research, organize and analyze technical information with particular attention to accuracy and detail
Excellent written and verbal communication skills; including thorough knowledge of proper grammar, advanced vocabulary, spelling, editing and proofreading skills
Proficient using Microsoft Office products, such as Word, Excel and PowerPoint and industry-standard computer software and databases
High degree of sensitivity regarding confidential information
Sufficient fine motor skills for the use of computers and calculators, with the ability to withstand repetitive keyboarding for extended periods of time
Visual and communications ability adequate to perform the essential functions of the job
Ability to kneel, bend and twist at the waist on an occasional basis
Ability to reach below shoulder height with regular frequency (desk position) and at or above shoulder height on occasion
Ability to push, pull, carry and lift objects weighing up to 10 pounds on a regular basis, and greater weights on an occasional basis
Ability to travel by vehicle or aircraft, and ability to safely operate a motor vehicle

Preferred

Splunk certifications such as Enterprise Certified Architect, ES Certified Admin or Certified Developer
Experience with Python scripting or API integrations to automate Splunk functions
Hands-on experience with SOAR platforms (Cortex XSOAR, Phantom, or similar)
Prior experience supporting cybersecurity operations in a federal or highly regulated environment

Benefits

Paid holidays
Paid time off
401k with employer match
Dental
Vision
Health insurance plans through the Federal Employee Health Benefits (FEHB) program
Life and disability benefits

Company

OSC Technical Solutions

At OSC Technical Solutions, we deliver secure, resilient, and mission-driven solutions across four core service areas.

Software Engineering & PM: We modernize legacy systems and develop custom software that enhances performance, streamlines operations, and supports enterprise-wide transformation.

Funding

Current Stage: Growth Stage (company data provided by Crunchbase)