🚀 Splunk Engineer - Active TS/SCI Required

You will work with an expert team focused on implementing and operating next-generation security solutions for government and commercial clients. You’ll use Splunk and integrate it with other state-of-the-art tools like HBSS, Enterprise Security Manager (ESM), Network Security Manager (NSM), NetFlow, and Intrusion Detection Systems (IDS) to monitor, detect, and analyze threats.

Responsibilities include performing hands-on evaluation, implementation, and operation of leading security cyber defense tools and technologies. You will apply in-depth defense strategies for large and complex networks to rapidly identify vulnerabilities and threats, prioritize response actions, and develop effective countermeasures. Additionally, you’ll support the risk management and security compliance of specified cybersecurity tools. You will also provide thought leadership to solve complex security challenges in a highly collaborative and innovative environment.

Minimum Qualifications:

• 3+ years of experience utilizing Splunk Enterprise
• Experience with deploying, configuring, and performing functional testing and data validation in a Splunk environment
• Experience with Splunk system administration, including installation, configuration, monitoring system performance and availability, upgrades, and troubleshooting in Windows and Linux Server environments
• Experience creating custom dashboards, writing queries, generating reports, and setting up alerts and notifications
• Familiarity with DoD Risk Management Framework
• Top Secret/SCI clearance with the ability to obtain a Counter-Intelligence polygraph
• HS diploma or GED with 7+ years supporting IT projects, or an Associate’s degree with 5+ years, or a Bachelor’s degree with 3+ years of experience
• DoD 8570 IAT Level II Certification (e.g., CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP)
• Ability to obtain a DoD -M Cybersecurity Service Provider - Infrastructure Support Certification prior to start date (e.g., CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, CND)

Optional Qualifications:

• Ability to ingest and parse logs within Splunk
• Experience with fields abstraction and data modeling using Splunk
• Experience with workflows, drilldown queries, and administering distributed Splunk deployments
• Experience performing site surveys, data gathering, research, and analysis for deploying security tools
• Splunk Certified Power User or other advanced Splunk certifications
• Experience with DevSecOps and ELK stack (Elasticsearch, Logstash, Kibana)
• Excellent oral and written communication skills, including presentation skills for conveying complex ideas
• Strong problem-solving skills

Essential Network Security (ENS) Solutions, LLC is a service-disabled veteran-owned IT consulting and management firm. We provide innovative solutions in Identity, Credential and Access Management (ICAM), Software Development, Cyber and Network Security, System Engineering, and more, primarily supporting the Department of Defense and Intelligence Community. Our experts maintain a high standard of excellence in delivering scalable, innovative, and collaborative infrastructure solutions.

Why ENS?

• Free Platinum-Level Medical/Dental/Vision coverage, fully paid by ENS
• 401k contribution from Day 1
• PTO plus 11 paid Federal Holidays
• Long & Short Term Disability Insurance
• Group Term Life Insurance
• Tuition, Certification & Professional Development Assistance
• Workers’ Compensation
• Relocation Assistance