[Hiring] Splunk Engineer @Zen Strategics Llc

Full-time

About Zen:

This is the ABOUT ZEN - Here is a new paragraph that should be on every job posting. Own your opportunity to work with a client-focused, growing, agile small business. Make an impact by advancing our government organizations charged with keeping our country safe, prosperous, and secure. Zen Strategics LLC is a cleared, niche consulting firm, offering innovative Cybersecurity, Cloud/DevSecOps, Information Data Management, and Modernization solutions. We are a leading organization committed to delivering innovative solutions and ensuring the highest standards of security for our customers' infrastructure assets. We are dedicated to staying ahead of evolving cyber threats and protecting our clients' data by leveraging cutting-edge technologies (including AI/ML) and proactive security measures.

Position Description:

The candidate shall assess, architect, implement, deploy, and operate solutions for capturing security-relevant information (e.g., log data, Active Directory data), analyzing it to identify markers, patterns, and anomalies indicating security issues such as intrusions, lateral movement, command and control, or data exfiltration. The contractor shall operate the USCIS Security Information and Event Management (SIEM) tool and collaborate with development and operational teams to set and implement logging standards. The current system in use is Splunk Enterprise.

Essential

• Provide DevSecOps support for a multi-data center, multi-cloud, multi-region log management system, including user account management, server management, monitoring, patching, Splunk data management, version upgrades, and maintenance of Splunk applications and add-ons.
• Improve log coverage and quality by reconciling log sources, establishing logging standards, auditing log content, and automating documentation of log sources.
• Deploy visualization, analysis, and anomaly detection capabilities, including evaluating and operating tools like Exabeam Threat Hunter or other User Behavioral Analytics solutions, implementing machine learning, and developing dashboards.
• Use Agile tools (JIRA, Confluence, MS Teams) for transparency and creating a unified backlog.

• Bachelor’s degree in computer science.
• Five years of IT systems administration experience and two years of implementing enterprise security solutions.
• Two years of Linux systems administration.
• Experience operating a mid-size Splunk cluster or equivalent certification/experience.
• Strong technical aptitude and effective communication skills.
• Experience with MS Office, JIRA, Confluence, and familiarity with ITIL, DevSecOps, Agile.
• Familiarity with Python, Cribl, Sumo Logic, GitHub, AWS, Azure, Google Cloud.

• Splunk Architect, Admin, Power User
• Security+
• Cribl Admin

• U.S. Citizen eligible for Public Trust and DHS Security Clearance.
• Ability to obtain DHS EOD suitability; current DHS EOD preferred.

• 401K with company match
• Health and wellness packages
• Tuition Reimbursement
• Cutting-edge technology learning opportunities
• PTO and holidays for rest and recharge