About Waterleaf
Waterleaf International, an engineering, cybersecurity and science-based defense and networking contractor, is seeking full-time Security Operations Center (SOC) Analysts.
Waterleaf hires, trains and promotes the best and brightest for upward mobility and the opportunity to grow and succeed. We offer excellent benefits (Medical/Dental/PTO/Tuition) and more.
Waterleaf offers a forward-leaning culture, which means our focus and direction are on people, intellect, process and deliverables. Our people include employees, contractors, and customers, all of whom have inherent value and contribute not only to our mission of defending our country but also to the communities we each live in.
We support professional and individual growth and provide dynamic, fascinating, and supportive work environments. Talk to us about the ability to achieve great financial and personal gains in a thriving and vital environment.
Job Summary
Waterleaf is seeking a talented Splunk Engineer to join our team. The Splunk Engineer will install and maintain Splunk infrastructure, gather requirements from customers, onboard data, and assist end users with search, dashboards, reports, and knowledge objects.
What You'll Do
Primary Responsibilities
- Manage multiple assignments, changing priorities, and work independently with little oversight
- Build, implement, and administer Splunk in Windows and Linux environments
- Work with existing and custom Splunk applications and add-ons to fulfill customer needs
- Provide operations and maintenance support for a distributed Splunk environment consisting of heavy forwarders, indexers, and search head servers, spanning security, performance, and operational roles
- Edit and maintain Splunk configuration files and apps
- Onboard data to Splunk via forwarder, scripted inputs, TCP/UDP, and modular inputs from a variety of sources.
- Provide operational support for Splunk Universal Forwarder on Linux and Windows endpoints
- Manage and support automation solutions for Splunk deployment and orchestration in on-premises environments.
Who You Are
- You are deeply passionate about information security and boast a versatile background in business, technology, and security. Your strong critical thinking and analytical skills set you apart. You also possess the following qualifications:
Basic Qualifications
- Bachelor’s degree in Computer Science, Engineering, or a related field and a minimum of four (4) years of experience in system administration, database administration, network engineering, software engineering, or software development, with a concentration in Cybersecurity
- Two (2) years of experience with Splunk in distributed deployments
- At least two certifications: Splunk Certified in Admin or ES Administration.
- Excellent written and oral skills, ability to work closely with multiple customers, manage expectations and track engagement scope
- Experience with Splunk Enterprise Security or integration with other Security Information and Event Management (SIEM) platforms
- Proficient at data on-boarding activities including routing, parsing, and normalizing events to the Splunk Common Information Model (CIM)
- Proficiency onboarding data using Splunk developed add-ons for Windows, Linux, and common third-party devices and applications
- Experience onboarding data into Splunk via forwarder, scripted inputs, TCP/UDP, and modular inputs from a variety of sources
- Proficiency managing Splunk using the Splunk command-line interface
- Proficiency managing Splunk using configuration files
- Experience collaborating with separate engineering teams to configure data sources for Splunk integration
- Proficiency implementing and onboarding data in Splunk
- Experience with Splunk performing systems administration, including performing installation, configuration, monitoring system performance and availability, upgrades, and troubleshooting
- General networking and security troubleshooting (firewalls, routing, NAT, etc.)
- Splunk implementation and troubleshooting experience
- Experience in managing, maintaining, and administering multi-site indexer cluster
- Proficiency developing log ingestion and aggregation strategies per Splunk best practices
- Perform integration activities to configure, connect, and pull data with 3rd party software APIs
- Proficient in regular expressions
- Ability to autonomously prioritize and successfully deliver across a portfolio of projects
- Ability to script and use Ansible and/or Terraform
Preferred Qualifications
- Experience working in Azure
- Experience with Cribl
- Experience with large DB analysis/customization/tagging
- Experience with GitLab or GitHub or other version control system
- Scripting and development skills (Bash, Python, and PowerShell)
Our team is varied and lives throughout the US with HQ in SW FL. We primarily work remotely and also have lab, testing and staging areas.
We have highly competitive benefits with a package that includes paid time off, platinum health insurance, dental and vision coverage, maternity/paternity leave, 401K w/employer contribution, education, flex schedules and time shifting, support for your passion projects and opportunities for professional growth.
Job Type: Full-time
Compensation: We pay for performance, capabilities and skills; we are SMEs and expect you to be as well.
Base Pay:
Employee Stock Options (ESO): we are a private company, and all employees get ESOs.
Benefits:
- 401(k) matching
- Dental insurance
- Flexible schedule
- Health insurance
- Paid time off
- Professional development assistance
- Vision insurance
- Maternity/Paternity Leave
- But wait, there’s even more
What We Provide:
- Competitive compensation structure - We believe in above-average compensation for our above-average team members.
- Generous time off - Our team enjoys extensive PTO/Vacation, plus paid holidays and maternity/paternity leave for new parents.
- Healthcare - We have you covered. Health, vision, dental and life plans, for you and your family. See our benefits above.
- Grow with us - We offer our team every chance to learn and grow their skills while helping shape the future of our company.
How to Apply:
Thank you for including us in your job search. Please submit your resume and a cover letter to let us know why you feel we are a good match. All applications are reviewed quickly because we respect your time. Please note that due to potential Federal contract requirements, applicants must be US citizens.
Due to the volume of applications, only shortlisted candidates will be contacted.
Waterleaf has preferred agency relationships and does not accept unsolicited agency resumes. Please do not forward resumes to our jobs email address or our employees, or mail them to our office locations. Waterleaf is not responsible for any fees related to unsolicited resumes. Waterleaf is an equal opportunity employer that values diversity in our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. In fact, we know that the most inclusive and diverse teams accomplish the most extraordinary results!