Splunk Architect/Engineer - Senior (w/ active TS/SCI)

Splunk Architect/Engineer - Senior (w/ active TS/SCI)

Location: Annapolis Junction, MD
Clearance: Active Top Secret/SCI
Type: Full-time, On-site (No remote)

JOB DESCRIPTION

Critical Solutions is seeking an experienced Splunk Architect/Engineer to join our team supporting a federal program in Annapolis Junction, MD. This role is responsible for maintaining and enhancing the current Splunk enterprise infrastructure. Further projects will involve the implementation of Splunk Enterprise Security (ES) and Security Orchestration, Automation, and Response (SOAR) and other vendor solutions.

The ideal candidate will bring a deep understanding of Splunk architecture, SIEM/SOAR systems, and cybersecurity best practices, along with the ability to lead complex technical implementations and collaborate effectively across teams.

PRIMARY ROLES AND RESPONSIBILITIES:

• Implements, tests, and operates advanced software security techniques in compliance with technical reference architecture.
• Conduct on-going security assessments and code review to improve software security.
• Troubleshoots and debugs issues that arise
• Provides engineering designs for new software solutions to help mitigate security vulnerabilities
• Contributes to all levels of the architecture and maintains technical documentation.
• Consults team members on secure coding practices. Develops a familiarity with new tools and best practices.
• Design, implement, and maintain SIEM and SOAR solutions.
• Design and implement threat detection, automate incident response processes, integration of various security tools with SIEM and SOAR platforms via APIs
• Maintain SIEM applications to collect and aggregate IDS and IPS data from network sensors, raw data from collection agents, firewalls, proxy servers, DLP, antivirus, vulnerability scanner elements, and other security-relevant devices.
• Utilize expertise in Splunk "Search" language, Splunk Dashboards, Reports, Lookup Tables, and Summary Indexes. Build Splunk dashboards that take inputs from various data sources such as application logs / operating system logs / middleware logs / network feeds etc. and identify / highlight anomalous activities on the dashboards by their severity levels.
• Perform troubleshooting and provide assistance with the creation of Splunk search queries and dashboards.

BASIC QUALIFICATIONS:

• Active Top Secret/SCI (TS/SCI) security clearance required
• Bachelor's degree and 12 years of relevant experience, Master's degree and 10 years, or a PhD and 7 years. (Additional four years of work experience can substitute for a degree.)
• Proven experience as a Splunk Administrator or similarly named Splunk focused role.
• Deep understanding of Splunk architecture, components, and deployment options.
• Proficient in Splunk Search Processing Language (SPL) for creating complex search queries and reports.
• Experience with Splunk data ingestion methods, including forwarders, HTTP Event Collector (HEC), and scripted inputs.
• Familiarity with Splunk Enterprise Security (ES), Qumolos, and Splunk SOAR is a plus.
• Solid understanding of IT infrastructure, including networking, operating systems, and security principles.
• Excellent problem-solving skills and attention to detail.
• Strong communication and collaboration abilities.
• Must have 8140/8570 IAT Level III certification

CERTIFICATION REQUIREMENT:

• 8140/8570 IAT Level III certification

PREFERRED QUALIFICATIONS:

• Splunk Architect (desired)
• Splunk Certified Administrator certification (desired)

LOCATION:

• Annapolis Junction, MD
• On-site only (no remote)
• Must be willing and able to commute to Annapolis Junction, MD

ADDITIONAL INFORMATION:

Clearance Requirement: Possess an active DoD Top Secret/SCI Clearance. In addition, selected candidate must undergo background investigation (BI) and finger printing by the federal agency and successfully pass the preceding to qualify for the position. US CITIZENSHIP IS REQUIRED.

CRITICAL SOLUTIONS PAY AND BENEFITS:

Salary range $- - $-. The salary range for this position represent the typical salary range for this job level and this does not guarantee a specific salary. Compensation is based upon multiple factors such as responsibilities of the job, education, experience, knowledge, skills, certifications, and other requirements.

BENEFIT SNAPSHOT: 100% premium coverage for Medical, Dental, Vision, and Life Insurance, Supplemental Insurance, 401K matching, Flexible Time Off (PTO/Holidays), Higher Education/Training Reimbursement, and more.