splunk administrator

Splunk Administrator

Job Summary: Protect national security by designing and optimizing defense systems, implementing advanced software security techniques, and troubleshooting security issues.


About the Role:

KBR's National Security Solutions team provides high-end engineering and advanced technology solutions to customers in the intelligence and national security communities.

As a Splunk Administrator, you will play a critical role in designing and optimizing defense systems that ensure national security and shape the future of space defense.

Key Responsibilities:

• Implement, test, and operate advanced software security techniques in compliance with technical reference architecture
• Perform on-going security testing and code review to improve software security
• Troubleshoot and debug issues that arise
• Provide engineering designs for new software solutions to help mitigate security vulnerabilities
• Contribute to all levels of the architecture and maintain technical documentation
• Consult team members on secure coding practices
• Develop a familiarity with new tools and best practices
• Designing, implementing, and maintaining SIEM and SOAR solutions
• Design and implement threat detection, automate incident response processes, integration of various security tools with SIEM and SOAR platforms via APIs
• Maintain SIEM applications to collect and aggregate IDS and IPS data from network sensors, raw data from collection agents, firewalls, proxy servers, DLP, antivirus, vulnerability scanner elements, and other security-relevant devices
• Utilize expertise in Splunk Search language, Splunk Dashboards, Reports, Lookup Tables, and Summary Indexes
• Build Splunk dashboards that take inputs from various data sources such as application logs / operating system logs / middleware logs / network feeds etc. and identify / highlight anomalous activities on the dashboards by their severity levels
• Perform troubleshooting and provide assistance with the creation of Splunk search queries and dashboards

Requirements:

• 8 to 10 years experience with BS/BA or 6 to 8 years with MS/MA or 3 to 5 years with PhD
• DoD 8570 Level 3 Certification
• Experience with importing data in Splunk from various sources: endpoint security, network security (Firewalls, IPS/IDS, DNS, Proxy, etc.), data and application security, cloud security and technologies
• Experience with performing systems administration, including performing installation, configuration, monitoring system performance and availability, upgrades, and troubleshooting of Splunk

Benefits:

• Competitive salary: $150,000 to $160,000
• KBR offers a selection of competitive lifestyle benefits which could include 401K plan with company match, medical, dental, vision, life insurance, AD&D, flexible spending account, disability, paid time off, or flexible work schedule
• We support career advancement through professional training and development
• Inclusion and diversity at

KBR:
we are passionate about our people, sustainability, and our Zero Harm culture.

Salary : $150,000 - $160,000