Booz Allen Hamilton · 16 hours ago
SIEM Data Onboarding Engineer
Booz Allen Hamilton is a leading consulting firm, and they are seeking a SIEM Data Onboarding Engineer to design, deploy, and manage Splunk infrastructure. The role involves developing and maintaining Splunk dashboards, integrating data sources, and providing user training and support for Splunk-related activities.
Consulting · Cyber Security · IT Infrastructure · Management Consulting · Security
Responsibilities
Design, deploy, and manage Splunk infrastructure
Develop and maintain Splunk dashboards, queries, and alerts
Integrate Splunk with various data sources to ensure comprehensive data ingestion
Monitor and troubleshoot Splunk performance issues
Collaborate with cross-functional teams to gather requirements and provide Splunk solutions
Implement and enforce best practices for Splunk data management and retention
Provide user training and support for Splunk-related activities
Qualifications
Required
2+ years of experience in managing and configuring Splunk, and in Splunk architecture, including indexers, search heads, forwarders, and deployment servers
2+ years of experience configuring Cribl sources, destinations, routes and collectors, and building pipelines to parse, normalize, enrich, mask, dedupe, and route data to Targets
2+ years of experience authoring and maintaining props.conf, transforms.conf, inputs.conf, and outputs.conf, and packaging Apps or TAs
2+ years of experience in Linux and Windows administration, including file paths, services, permissions, and log locations
1+ years of experience with Cribl Redmap or JavaScript functions
1+ years of experience with regex for field extraction and event breaking, and Splunk REST API for automation and operational tasks
Active TS/SCI clearance; willingness to take a polygraph exam
Associate's degree and 5+ years of experience supporting IT projects and activities, OR Bachelor's degree and 3+ years of experience supporting IT projects and activities, OR Master's degree and 1+ years of experience supporting IT projects and activities, OR 10+ years of experience supporting IT projects and activities in lieu of a degree
DoD 8570 IAT Level II certification, including Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND certification
Ability to obtain a DoD 8570 Cyber Security Service Provider - Infrastructure Support certification, including CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND certification, within 60 days of start date
Preferred
2+ years of experience with Networking fundamentals, including TCP/UDP, TLS, syslog transport, firewall ports, and common transport issues
2+ years of experience in basic troubleshooting with tools such as tcpdump or Wireshark, basic vi/vim usage, setfacl, and SELinux
1+ years of experience with DoD STIGs or other organizational hardening standards working in regulated environments
Experience in SPL for validation, troubleshooting and basic dashboards
Experience with scripting languages such as Python, Bash, or PowerShell
Experience with Load-Balancer fundamentals
Knowledge of common log formats, including syslog, Windows Event, JSON, CSV, and XML
Knowledge of Git for code version control
Knowledge of Ansible playbooks
Possession of strong verbal and written communication skills
Benefits
Health, life, disability, financial, and retirement benefits
Paid leave
Professional development
Tuition assistance
Work-life programs
Dependent care
Recognition awards program
Company
Booz Allen Hamilton
Booz Allen Hamilton is a consulting firm that specializes in analytics, technology, and engineering.
Funding
Current Stage
Public Company
Total Funding
$3.03B
2025-03-11 Post-IPO Debt · $650M
2023-08-01 Post-IPO Debt · $650M
2020-08-13 Post-IPO Debt · $700M
Company data provided by Crunchbase