Splunk SME
Arlington, VA

About

Job Description

Splunk SME

Residency Status: ALL CANDIDATES MUST BE A U.S. CITIZEN

Clearance: Active TS with SCI with the ability to obtain DHS Suitability prior to starting employment

Time Type: Full-Time

Relocation Fees: No

Company Overview:

Novel Applications of Vital Information Inc. (Novel Applications) is a premier technology services company that provides solutions in the areas of Cyber Security, Information Management, and Systems Integration. Novel Applications is a business that combines experience, creativity, flexibility, pragmatism, and cost-effective solutions in order to deliver measurable business value to our clients.

Headquartered in Fredericksburg, Virginia, Novel Applications employs engineers, analysts, IT specialists and other professionals who strive to be the best at everything they do.

Novel Applications is an AA/EEO Employer - Minorities/Women/Veterans/Disabled.

Job Description:

NAVOI is seeking a Splunk Subject Matter Expert to support the development and implementation of cyber engineering strategies, tools, and techniques to enhance a system's cyber-resiliency against existing and emerging cyber-threats.

Responsibilities:

* Perform hands-on technical analysis of test data and use critical thinking and a broad understanding of different technologies to identify areas susceptible to cyber-attack, based upon provided cyber-threat intelligence.
* Assist in developing recommended improvements to engineering requirements and specifications.
* Support the development of presentations and reports to document findings; this requires good communication and interpersonal skills to convey findings in a tactful manner and at the technical proficiency of the audience.
* Provide overall engineering and design support for a distributed Splunk environment consisting of heavy forwarders, indexers, and search head servers, spanning security, performance, and operational roles.
* Support the full system engineering life-cycle, including requirements analysis, design, development, integration, test, documentation, and implementation, following defined best practices and operational workflow.
* Familiar with recognizing and onboarding new data sources into Splunk, analyzing the data for anomalies and trends, and building dashboards highlighting the key trends of the data.
* Ability to support Linux environment, editing and maintaining Splunk configuration files and apps.
* Work with other Cybersecurity Engineering team members and interact with end users to gather requirements, perform troubleshooting, and provide assistance with the creation of Splunk search queries and dashboards.
* Will interact with senior management, as necessary.
* Capable of providing cybersecurity engineering support on systems, system elements, interfacing systems, components, security tools, devices and/or processes for developmental and operational cyber tools
* Possess in-depth technical and theoretical knowledge of cyber defensive operations and technologies
* Capable of working independently or as a team member to solve cybersecurity engineering problems
* Develop and analyze available COTS cyber protection tools that will improve security posture and provide recommendations that support the remediation and protection of systems
* Perform requirements traceability to assessment findings
* Perform cyber criticality, mission impact, and risk analysis of recommended tools
* Translate analytical findings into security use cases that can be implemented within available surveillance capabilities
* Provide detailed and accurate technical reporting of analysis results in the form of PowerPoint presentations and/or Word documents, as well as oral briefings on complex technical subjects attuned to senior management, technical, or non-technical audiences

Required skills:

* Splunk Enterprise Certified Architect certificate and/or Splunk Enterprise Certified Admin certificate
* 4+ years of experience in a senior Splunk role
* 3+ years of experience in Linux and SQL/ODBC interfaces
* 2+ years of experience in app interface development, using REST APIs
* Experience in SQL

Desired Skills:

* Should hold one or more of the following certifications in good, current standing:
  * CISA, GCIH, GCED, CISSP, CASP, or Security+
* 3+ years of related Identity Management tools engineering experience, including installing, configuring and troubleshooting experience with one or more of these tools:
  * CyberArk, SailPoint, CA PAM, Tenable-Nessus

Required Education:

* Bachelor's degree in Computer Science/Software Engineering or related degree is desired and a minimum of 4 years of prior relevant experience.
