Splunk Engineer Jr.

Position Title: Splunk Engineer Jr.

Location: Ashburn, VA

Clearance: TS

We are an employee-centric company that truly appreciates our team members and their value to our customers and the missions they support. We pride ourselves on being forward-leaning thinkers and fostering teams that are and continue to be technically proficient and technically capable across a comprehensive range of cyber mission areas. OneZero full-time employees receive an extremely competitive benefits package that includes health/dental/vision/life insurance plans, 401K with company matching, PTO & paid holidays, employee referral program, and educational assistance. Additional details can be found on our website at: https://www.onezerollc.com/careers/

Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations. The CBP SOC is responsible for the overall security of CBP Enterprise-wide information systems, and collects, investigates and reports any suspected and confirmed security violations.

The DHS CBP SOC Program has a critical need for a Splunk Jr. Engineer. This is a full time funded position based in Ashburn, VA.

The candidate should have experience deploying and configuring Universal Forwarders and possess demonstrable knowledge of data collection methods such as Syslog, JDBC, or API. This position requires solid experience developing Splunk search queries, and dashboards and reports. Nice to have skills include Unix administration, scripting, understanding of Federal regulatory requirements, and experience using Jira and Confluence.

Must be a US citizen, no clearance required and in addition, must have a current or be able to favorably pass a (BI) Background Investigation to join this program.

Must have experience in the following:
- Splunk Engineering
- Linux and SQL/ODBC interfaces
- App interface development, using REST API's
- Previous project management experience.
- ITIL Change & Configuration Management
- Experience with Ansible and GIT

The candidate should be familiar with recognizing and onboarding new data sources into Splunk, analyzing the data for anomalies and trends, and building dashboards highlighting the key trends of the data. The Splunk engineer should be familiar with a Linux environment, editing and maintaining Splunk configuration files and apps.
The Splunk engineer will work with other Cybersecurity Engineering team members and will be required to interact with end users to gather requirements, perform troubleshooting, and provide assistance with the creation of Splunk search queries and dashboards. The Splunk engineer will be required interact with senior management, as necessary.

Must have one of the following J3 Certifications
CompTIA Advanced Security Practitioner (CASP)
CompTIA Security+
GCIH - Incident Handler
GCWN - Windows Security Administrator
GISF - Security Fundamentals
GSSP - Secure Software Programmer
GICSP -Cyber Security Professional
GSSP - Secure Software Programmer
SEI (Software Engineering Institute)
CCSP - Certified Cloud Security Professional
CISSP - Certified Information Systems Security
CSSLP - Certified Secure Software Lifecycle Professional
SSCP - Systems Security Certified Practitioner
CCNP
CCNP Security
CCIE Security
CEH - Certified Ethical Hacker
ENSA - EC-Council Network Security Administrator
ECSP - EC-Council Certified Secure Programmer
MCSE - Microsoft Certified Solutions Expert (Server)
RHCA
RHCE
VCA (Certified Associate)
VCP (Certified Professional)
VCAP (Certified Advanced Professional)
VCIX (Implementation Expert)
VCDX (Certified Design Expert)
Converged Infrastructure Specialist
Certified Implementation Engineer Specialist
Certified Data Administrator Professional
Certified Storage Associate
Certified Splunk Architect