2935 IT & Software Developer jobs in the US

Senior Splunk Engineer - Independence
$150,000 - 165,000
Cherokee Federal
West Pembroke Avenue 2, Independence
Requirements
Must:
- Over 7 years of experience in security engineering, SOC/IR, or platform engineering
- At least 4 years of hands-on experience designing and managing Splunk Enterprise and Splunk ES in production environments
- Minimum of 3 years of practical experience with Splunk SOAR (Phantom) and automating ES notifications and ServiceNow incident response workflows
- Strong knowledge of AWS services including GuardDuty, CloudTrail, Security Hub, IAM, EC2, S3, and VPC Flow Logs; experience with cross-account and multi-region setups is preferred
- Proven expertise in integrating ServiceNow for Incident Response
- Proficient in SPL, Python, AWS Boto3, Splunk/Phantom SDKs, REST APIs, and Git for version control
- In-depth understanding of CIM, data model enhancements, indexing strategies, and search performance optimization
- Strong knowledge of MITRE ATT&CK framework, CVE/CVSS, CISA KEV, along with risk-based detection and automation
- Experience in aligning operations with FISMA/NIST RMF, FedRAMP, and CMMC regulations; capable of generating evidence for audits
- Preferred: Splunk certifications (Core Certified Power User/Admin/Architect, ES Admin), AWS certifications, Security+, CySA+, CISSP, GCDA/GCSA
- Preferred: Background in managing Splunk SHC, deployment servers, KVstore, and large-scale ES content management, as well as experience with AWS Organizations and customizing ServiceNow incident response integrations
- Must meet pre-employment qualifications set by Cherokee Federal.
Responsibilities
- Design, implement, and sustain Splunk Enterprise installations, including indexers, search heads, and other components across both on-premise and AWS environments
- Create scalable data onboarding solutions, including parsing and indexing through various ingestion methods
- Enforce governance policies including RBAC, data retention, and compliance with federal regulations
- Enhance search performance, manage data model accelerations, and optimize event throughput within the ES framework
- Produce and refine ES correlation searches, risk-based alerts, and adaptive responses in line with MITRE ATT&CK
- Construct dashboards and workflows for investigations, minimizing false positives and improving analyst productivity
- Maintain data models that comply with CIM standards while leading efforts in data normalization and quality assurance
- Assess and communicate the effectiveness of detection and response capabilities
- Develop Splunk SOAR playbooks with secure configurations for efficient threat management
- Synchronize ES notables with automated incident responses and with ServiceNow for tracking and processing incidents
- Implement detection and response strategies for AWS platforms, including automation for security actions
- Integrate EDR and identity platforms for host mitigation and incident handling
- Lead Splunk setup in AWS, focusing on scalability and automation
- Standardize Python module usage and CI/CD practices for deployment
- Align operations with FISMA/NIST RMF and maintain audit readiness through systematic logging and evidence tracking
- Conduct continuous validation of controls and updates on necessary documentation
- Advocate for strong security practices in all engineering changes and automation projects
- Convert SOC/IR runbooks into proficient detections and automations
- Mentor junior engineers on best practices in SPL, ES development, and automation processes
- Collaborate with stakeholders to prioritize security use cases and deliver measurable results
- Undertake additional tasks as assigned.
Description
We are Criterion, part of Cherokee Federal, a trusted partner to over 60 federal clients. We focus on creating a brighter future by addressing complex challenges and supporting the governmental mission with dedication. We are currently hiring a Senior Splunk Engineer to lead the architecture, development, and operation of the Splunk platform, emphasizing hybrid environments and AWS. This full-time position offers a competitive salary range of $150,000 to $165,000, complemented by comprehensive benefits including medical, dental, vision, and a 401K plan. Our team thrives on innovation and collaboration, and we welcome veterans and active military transitioning to civilian roles to apply. Join us in making a meaningful impact!
How many DevOps jobs are in the United States?
Currently, there are 2935 DevOps openings. Check also: Cloud jobs, AWS jobs, Azure jobs, GCP jobs, Kubernetes jobs, Docker jobs, Terraform jobs - all with salary brackets.
Is the US a good place for DevOps?
The US is one of the best countries to work as a DevOps. It has a vibrant startup community, growing tech hubs and, most importantly, lots of interesting jobs for people who work in tech.
Which companies are hiring for DevOps jobs in the United States?
VenHub, AMERICAN SYSTEMS, Trimlite, Menusifu, Inc., Concordia Group, Peraton, Active Datacomm among others, are currently hiring for DevOps roles in the United States.
The company with the most openings is Lockheed Martin Corporation, as they are hiring for 273 different DevOps jobs in the United States. They are probably quite committed to finding good DevOps.