Abile Group has an exciting and challenging opportunity for an Splunk Engineer (SME) supporting an Intelligence Community Customer. 

The right candidate will possess the below skills and qualifications and be ready to handle all responsibilities independently and professionally.

• Implements, tests, and operates advanced software security techniques in compliance with technical reference architecture.
• Performs on-going security testing and code review to improve software security.
• Troubleshoots and debugs issues that arise.
• Provides engineering designs for new software solutions to help mitigate security vulnerabilities.
• Contributes to all levels of the architecture and maintains technical documentation.
• Consults team members on secure coding practices. Develops a familiarity with new tools and best practices.
• Designs, implements, and maintainins SIEM and SOAR solutions.
• Designs and implements threat detection, automate incident response processes, integration of various security tools with SIEM and SOAR platforms via APIs
• Maintains SIEM applications to collect and aggregate IDS and IPS data from network sensors, raw data from collection agents, firewalls, proxy servers, DLP, antivirus, vulnerability scanner elements, and other security-relevant devices.
• Utilizes expertise in Splunk "Search" language, Splunk Dashboards, Reports, Lookup Tables, and Summary Indexes. Build Splunk dashboards that take inputs from various data sources such as application logs / operating system logs / middleware logs / network feeds etc. and identify / highlight anomalous activities on the dashboards by their severity levels.
• Performs troubleshooting and provides assistance with the creation of Splunk search queries and dashboards.

Clearance Required:  TS/SCI 

Degree and Years of Experience: 5 to 8 years with BS/BA or 3 to 5 years with MS/MA or 0 to 2 years with PhD

Required Certification: 

• DoD 8570 Level 3 Certification

Required Skills:

• Requires experience with importing data in Splunk from various sources: endpoint security, network security (Firewalls, IPS/IDS, DNS, Proxy, etc.), data and application security, cloud security and technologies.
• Requires experience with performing systems administration, including performing installation, configuration, monitoring system performance and availability, upgrades, and troubleshooting of Splunk.
• Requires experience with designing, implementing, configuring, operating, or testing IT systems or security infrastructure.
• Requires experience building dashboards highlighting the key trends of the data.
• Requires proficiency within a Windows and Linux environment, editing and maintaining Splunk configuration files and apps.
• Experience in working in a Splunk clustered environment supporting SOC or NOC environment required.
• Experience with virtualization technologies required.
• Splunk Architect, Splunk Admin

Abile Group, Inc. was formed in July 2004 to partner with the Intelligence Community and their Contractors in the areas of Enterprise Analytics & Performance Management, IT & Systems Engineering and Program & Project Management. We have significant experience with the Federal Government and are an EDWOSB dedicated to our employees and clients.  We are looking for high performing employees who enjoy providing advice and guidance along with solutions development and implementation support, crafted by combining industry best practices with the clients’ subject matter experience and Abile’s breadth of expertise. 

Abile Group, Inc. is an Equal Opportunity Employer.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.  Anyone requiring reasonable accommodations should email careers@abilegroup.com with requested details.  A member of the HR team will respond to your request within 2 business days. 

Please review our current job openings and apply for the positions you believe may be a fit. If you are not an immediate fit, we will also keep your resume in our database for future opportunities.