• Splunk Engineer

    Job Locations US-MD-Greenbelt | US-VA-Fairfax
    Job ID 2018-3728
    Type
    Regular Full-Time
  • Position Description

    Valiant Solutions is seeking multiple Splunk Engineers to join our growing team supporting large Government clients in Greenbelt, MD and Fairfax, VA! These Splunk Engineers will provide overall engineering and design support for very large distributed Splunk environments consisting of heavy forwarders, indexers, and search head servers, spanning security, performance, and operational roles.

     

    Valiant Solutions is a Cybersecurity company delivering cutting-edge security solutions to our Government clients specializing in Cloud Security, Security Engineering, and Federal GRC.  This is your chance to work with a wide range of security technologies for a company that cares about its employees - Valiant has been named one of the Best Places to Work in the DC area FOUR years in a row!

     

    Salaries will be based on qualifications and education. All candidates must be US citizens with the ability to successfully pass Federal background and credit checks.

     

    Position Description:  The Splunk engineer will support the full system engineering life-cycle, including requirements analysis, design, development, integration, test, documentation, and implementation following defined best practices and operational workflows.

     

    The candidate should be familiar with recognizing and onboarding new data sources into Splunk, analyzing the data for anomalies and trends, and building dashboards highlighting the key trends of the data. The Splunk engineer should be familiar with Windows and Linux environments, editing and maintaining Splunk configuration files and apps.  The Splunk engineer will work with other Cybersecurity Engineering team members and will be required to interact with end users to gather requirements, perform troubleshooting, and provide assistance with the creation of Splunk search queries and dashboards. The Splunk engineer will be required to interact with senior management, as necessary.

     

    Responsibilities:

    • Designing, engineering, configuring and administering Splunk content
    • Assisting in the proper operation and performance of Splunk, plug-ins, loggers and connectors
    • Building Splunk reports
    • Developing dashboards with visual metrics for stakeholders
    • Defining strategy and design around data collection, aggregations, and summarization processes
    • Integrating external data sources into Splunk
    • Enforcing best practices related to summarizing and querying data
    • Developing advanced scripts for the manipulation of multiple data repositories to support analyst requirements
    • Partnering with other enterprise teams to support data capture and advanced data analytics and forecasting efforts to support proactive identification of issues
    • Providing recommendations and implementing changes to optimize Splunk products in the customer environment
    • Designing the Splunk system solution to meet growth while maintaining a balance between performance, stability, scalability and agility 
    • SIEM content management
    • Ability to develop use cases, search and reporting scripts
    • Create, optimize, and continuously evaluate security monitoring content (correlated searches/alerts) on Splunk ES.

     

    Job Requirements:

    • Set up and configure Splunk search servers, deployment servers, clustered indexers, and forwarders, as required
    • Configure Splunk integration points and verify functionality in the technical evaluation environment
    • Document build procedures and customizations to provide inputs to functional and operational requirements
    • Create custom reports for ingestion to RSA Archer Dashboard
    • Demonstrate innovative influence for projects
    • Problems faced are difficult and often complex
    • Strong understanding of root causes of malware infections and proactive mitigation
    • Strong understanding of lateral movement and footholds
    • Strong understanding of data exfiltration techniques
    • Demonstrated ability in critical thinking, problem solving, and analytics
    • Enjoy analyzing patterns looking for outliers
    • Enjoy creating ways to find needles in haystacks
    • Have real world experience analyzing complex attacks and understand TTPs of threat actors
    • Define relationships between seemingly unrelated events through deductive reasoning
    • Experience in network/host based intrusion analysis, malware analysis, forensics, and cyber threat intel
    • Knowledge of advanced threat actors and complex attacks
    • Possess excellent writing skills and the ability to communicate to technical and executive level staff
    • Quick study with new tools
    • Knowledge and experience with Splunk and other cyber tools

     

    Required/Desired Skills:

    • Bachelor’s Degree is required
    • Minimum of 10 years of IT experience
    • Demonstrated 7+ years knowledge and hands-on experience in security with an emphasis in engineering design, system analytics, operations and maintenance of a variety of security technologies used for security defense areas such as: network, storage/back, platforms (Windows/Linux Servers and desktops)
    • 5 years of experience with Splunk, network security, system security, and supporting security information and event management (SIEM)
    • Demonstrated experience in the implementation of information engineering projects; systems analysis, design and programming using standard tools and methods
    • Create complex detection and alerting logic and log source onboarding for security focused content in our enterprise Splunk deployment.
    • Ingest sources include: Networking (Load-Balancers, IPS, Firewalls), Operating Systems (Linux, Windows, UNIX), security tools, infrastructure, and applications.
    • Engineer, configure, and deploy enterprise SIEM and log management solutions, develop automation for security tools management, and create customized searches and applications using programming and development expertise, including Java, Python, Shell scripting, and regular expression.
    • Create and optimize Big Data correlations as a Splunk search language (SPL) expert.
    • Optimize/Tune logging source streams.
    • Provide guidance and support for existing security analytics.
    • Develop solution and enterprise best practices for logging and monitoring.
    • Work directly with cyber security teams to gather functional requirements, develop solutions which meet or exceed the requirements, and support the system.
    • Promote a risk-aware culture, ensure efficient and effective risk and compliance management practices by adhering to required standards and processes.
    • Leverage knowledge on a number of security technologies to operate and maintain the Splunk log management infrastructure.
    • Develop advanced reports to meet the requirements of key stakeholders and scalable security management tools and processes.
    • The candidate must have experience in designing, implementing, and maintaining a fully operating SIEM solution.
    • Strong technical knowledge of Amazon AWS products and services, such as EC2, BeanStalk, Lambda, VPC, Route53, Amazon FW, API Gateway, ELB, CloudTrail, CloudFront, etc.
    • Proficiency in one or more programming/scripting languages - experience with Javascript/Node, Python, Lua, or PowerShell is strongly preferred
    • Strong knowledge of information security concepts, trends, and practices
    • Working knowledge of various network and security systems
    • Familiarity with basic statistics/probability and Big Data analytics techniques such as SVM, logistic regression, k-means, and Naive Bayes.
    • An ability to learn quickly, and a passion for solving technical problems
    • Superior written and oral English communication skills are essential
    • Highly developed, process-oriented skills for troubleshooting, problem solving, and problem resolution
    • Good knowledge of networking concepts
    • Familiarity with XML and HTML, CSS, XML tasks
    • Ability to perform shell, Python and PERL scripts
    • Prior supervisory or technical team lead experience
    • Knowledge of network routing and switching fundamentals to include knowledge of Multiprotocol Label Switching (MPLS)
    • Deep technical understanding of operating systems, network architecture and design, Active Directory (AD) application log consumables, systems design as well as superior knowledge of technical operations process and procedures
    • Knowledge of encryption, key management and cryptology
    • Knowledge of the Risk Management Framework (NIST 800-37), Security Controls as described in NIST 800-35, and the Federal Information Security Modernization Act (FISMA) operating standards and applicable guidelines
    • Practical knowledge of performing threat modelling, risk analysis, root cause analysis, risk identification, and risk mitigation
    • Experience planning and implementing secure networking practices such as: application segmentation, network segmentation, NAC and other access control testing/validation, updating access control SOPs
    • Ability to configure and develop an enterprise SIEM solution including signature tuning, development of correlation rules, reports, and alarms
    • Experience with a variety of web application protocols, web services (components including JavaScript, XML, JSON), scripting capabilities (PowerShell, Python), software development frameworks, operating systems, and networking technologies. Understanding of various web application frameworks such as ASP.NET, J2EE
    • Organizational Skills: Proven ability to plan and prioritize work, both their own and that of project team. Managed teams.  Follows tasks to their logical conclusion. Understanding of project management principles and techniques (project plans, critical path, etc.), ability to develop security project plans and work with development teams to integrate those into development schedules - in both waterfall and agile environments. 
    • Team Work: Excels both autonomously and as part of a team. Prepared to challenge ideas within a group in a constructive way. Ability to influence others and move a team toward a common vision or goal.
    • Leadership: Acute business acumen and understanding of organizational issues and challenges. Able to work effectively at all levels in an organization.
    • Communications: Ability to interact with senior managers, junior staff, and business unit (non-technical) customers clearly and efficiently, both verbally and in writing. Able to present ideas in a variety of ways depending upon audience and context. Excellent active listening skills.
    • Problem Solving: Natural inclination for planning strategy and tactics. Ability to analyze problems and determine root cause, generating alternatives, evaluating and selecting alternatives and implementing solutions.
    • Results oriented: Able to drive things forward regardless of personal interest in the task.

     

     

    About Valiant Solutions:

    Valiant Solutions is a security-focused IT solutions provider with both public and private sector clients nationwide.  Named one of the fastest growing privately held companies by Inc5000 and one of the Best Places to Work in the DC area by WBJ, Valiant Solutions provides its employees with great benefits and opportunities for advancement. At the same time, we understand that our employees need the right balance between professional growth and personal life. We are looking for individuals that are passionate about the mission they support and are committed to the customers they serve. If you would enjoy working in a dynamic environment as part of a stellar team of professionals, then we invite you to apply online today. 

     

    Benefits Snapshot (includes, but not limited to):

    Valiant pays 99% of the Medical, Dental, and Vision Coverage for FTE

    Valiant contributes 25% towards Health Coverage for Family and Dependents

    100% Paid Short Term Disability and Life Insurance Policy for FTE

    100% Paid Certifications

    401K Matching up to 4%

    Paid Time On – 40 hours to pursue innovation

    Valiant University – Online Education and Training Portal

    Reimbursement for Public Transit and Parking

    FSA programs for: Medical Costs, Dependent Care, Transit, and Parking

    Referral Bonuses

     

    Equal Opportunity Employer:

    Valiant Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, ethnicity, color, national origin, sex/gender, pregnancy, religion, age, marital status, sexual orientation, military/veteran status, disability, genetic information/history or any other personal characteristic protected by law.

     


    Physical Demands

    Must be able to remain in a stationary position 50% of the time and also be able to occasionally move about inside the office to access file cabinets, office machinery, etc.

    Must be able to constantly operate a computer and other office productivity machinery, such as a copy machine, and computer printer.

    Must be able to communicate, detect, converse with, discern, convey, express oneself, and exchange information visually and verbally.

    Must be able to occasionally bend and lift files and papers up to 10 pounds throughout the office space for events and meetings.

     

    Authorization to Share Resume and Personal Information:

    By submitting your resume for this position, you authorize Valiant Solutions to share your resume, as well as personal information included on the resume, with its subsidiaries, affiliates and teaming partners for the purpose of considering you for this position and other available positions requiring comparable skills, education and experience. Should Valiant Solutions or its affiliates and teaming partners wish to initiate pre-employment discussions, you will be asked to complete an employment application and related employment documents.
