Summary:
The Splunk Service Engineer is responsible for configuring and fine-tuning Splunk Core and Splunk Enterprise Security (ES) services, collaborating with CISO teams to develop advanced security use cases and actionable workflows. The role involves technical solutions design, training workshops, and supporting incident response, with a focus on enhancing cyber threat detection and response capabilities.

Position Info:

• Title: Splunk Cyber Security Solutions Engineer II
• Client: Peraton
• Duration: 8 Months
• Location: 6001 Hospitality Court, Morrisville, NC 27560
• Work Mode: Remote for (Morrisville, NC; Falls Church, VA; Eagan, MN) Candidates only

Responsibilities:

• Configure and optimize Splunk Core and Splunk ES services.
• Develop advanced security use cases, actionable alerts, and workflows for Splunk as a SIEM tool.
• Create and implement dashboards, reports, and data models for enhanced monitoring and analysis.
• Assist CISO teams through training, workshops, and hands-on support for Splunk engineering and content development.
• Build custom dashboards and machine learning models for risk-based alerting and anomaly detection.
• Collaborate with stakeholders to ensure effective event logging from diverse systems and infrastructure.
• Support off-hours incident investigations and systems maintenance as needed.

Skills/Qualifications:

• Bachelor's degree in Computer Science, Information Technology, or Information Security required (Master's degree preferred).
• Extensive experience (5+ years) in information security operations or related IT functions.
• Proficiency in developing Splunk apps, knowledge objects, and workflows for SIEM purposes.
• Strong knowledge of network protocols, operating systems, and cybersecurity tools.
• Experience with Splunk in SAAS or cloud-hosted environments is a plus.
• Certifications such as CompTIA Security+, CEH (Certified Ethical Hacker), or CPTE (Certified Penetration Testing Engineer) preferred