ENS Solutions, LLC ยท 21 hours ago
SIEM Data Onboarding Engineer - Active TS/SCI with CI Poly
College Park, MD
Full-time
Onsite
Mid Level
3+ years expENS Solutions, LLC is a service-disabled veteran owned IT consulting and management firm that provides solutions for the Department of Defense and Intelligence Community. They are seeking a Splunk Engineer responsible for managing and enhancing the Splunk environment, ensuring seamless data ingestion, analysis, and visualization, while collaborating with cross-functional teams to support business needs and security operations.
Information Technology & Services
No H1B
Security Clearance RequiredU.S. Citizen Only
Responsibilities
Design, deploy, and manage Splunk infrastructure
Develop and maintain Splunk dashboards, queries, and alerts
Integrate Splunk with various data sources to ensure comprehensive data ingestion
Monitor and troubleshoot Splunk performance issues
Collaborate with cross-functional teams to gather requirements and provide Splunk solutions
Implement and enforce best practices for Splunk data management and retention
Provide user training and support for Splunk-related activities
Qualification
Required
2+ years of experience in managing and configuring Splunk, 2+ years of experience in Splunk architecture: indexers, search heads, forwarders, deployment server and 1+ year with Splunk REST API for automation and operational tasks
2+ years configuring Cribl sources, destinations, routes and collectors
2+ years building pipelines to parse, normalize, enrich, mask/dedup, and route data to Splunk and other targets
2+ years authoring/maintaining props.conf, transforms.conf, inputs.conf, outputs.conf and packaging Apps/TAs
2+ years in Linux and Windows administration: file paths, services, permissions, and log locations
1+ year with basic familiarity with Cribl Redmap/JavaScript functions
1+ year with regex skills for field extraction and event breaking
Active TS/SCI clearance; willingness to take a polygraph exam
Associate's degree and 5+ years of experience supporting IT projects and activities, OR Bachelor's degree and 3+ years of experience supporting IT projects and activities, OR Master's degree and 1+ years of experience supporting IT projects and activities, OR 10+ years of experience supporting IT projects and activities in lieu of a degree
DoD 8570 IAT Level II certification, including Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND certification
Must obtain a DoD 8570 Cyber Security Service Provider - Infrastructure Support certification, including CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND certification prior to start date
Preferred
1 year experience with DISA STIGs or other organizational hardening standards working in regulated environments
2+ years Networking fundamentals: TCP/UDP, TLS, syslog transport, firewall ports and common transport issues
2+ years in basic troubleshooting with tools such as tcpdump/wireshark, basic vi/vim usage, setfacl, SELinux
Knowledge of common log formats: syslog, Windows Event, JSON, CSV, XML
Proficient in SPL for validation, troubleshooting and basic dashboards
Experience with scripting languages such as Python, Bash, or PowerShell
Strong communication skills
Load-Balancer fundamentals
Knowledge of Git for code version control
Knowledge of Ansible playbooks
Knowledge of Python scripting
Benefits
Free Platinum-Level Medical/Dental/Vision coverage, 100% paid for by ENS
401k Contribution from Day 1
PTO + 11 Paid Federal Holidays
Long & Short Term Disability Insurance
Group Term Life Insurance
Tuition, Certification & Professional Development Assistance
Workers' Compensation
Relocation Assistance
Company
ENS Solutions, LLC
Essential Network Security (ENS) Solutions, LLC is a veteran owned, highly regarded IT consulting and management firm.
11-50 employees
Funding
Current Stage
Early StageLeadership Team
Titus Ogunyemi
President & CEO
Company data provided by crunchbase