Splunk Engineer Jr.

We are an employee-centric company that truly appreciates our team members and their value to our customers and the missions they support. We pride ourselves on being forward-leaning thinkers and fostering teams that are and continue to be technically proficient and technically capable across a comprehensive range of cyber mission areas. OneZero full-time employees receive an extremely competitive benefits package that includes health/dental/vision/life insurance plans, 401K with company matching, PTO & paid holidays, employee referral program, and educational assistance. Additional details can be found on our website at: https://www.onezerollc.com/careers/

Title: Splunk Engineer Jr.

Location: Alexandria, VA

Clearance: Secret

Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations. The CBP SOC is responsible for the overall security of CBP Enterprise-wide information systems, and collects, investigates and reports any suspected and confirmed security violations.

The DHS CBP SOC Program has a critical need for a Splunk Jr. Engineer. This is a full time funded position based in Alexandria, VA.

The candidate should have experience deploying and configuring Universal Forwarders and possess demonstrable knowledge of data collection methods such as Syslog, JDBC, or API. This position requires solid experience developing Splunk search queries, and dashboards and reports. Nice to have skills include Unix administration, scripting, understanding of Federal regulatory requirements, and experience using Jira and Confluence.

Required Certifications

CCIE Security
Cisco Certified Network Professional (CCNP)
CCNP Security
CCSP - Certified Cloud Security Professional
CEH - Certified Ethical Hacker
Certified Data Administrator Professional
Certified Implementation Engineer Specialist
Splunk Certified Architect
Certified Storage Associate
CISSP - Certified Information Systems Security
CompTIA Advanced Security Practitioner (CASP)
CompTIA Security
Converged Infrastructure Specialist
CSSLP - Certified Secure Software Lifecycle Professional
ECSP - EC-Council Certified Secure Programmer
ENSA - EC-Council Network Security Administrator
GCIH - Incident Handler
GCWN - Windows Security Administrator
GICSP -Cyber Security Professional
GISF - Security Fundamentals
GSSP - Secure Software Programmer
MCSE - Microsoft Certified Solutions Expert (Server)
RHCA - Red Hat Certified Architect
RHCE - Red Hat Certified Engineer
SEI (Software Engineering Institute)
SSCP - Systems Security Certified Practitioner
VCA (Certified Associate)
VCAP (Certified Advanced Professional)
VCDX (Certified Design Expert)
VCIX (Implementation Expert)
VCP (Certified Professional)
CompTIA Linux Network Professional (CLNP)
Microsoft 365 Fundamentals
Microsoft Certified Azure Fundamentals
MS 365 Certified: Security Administrator
Microsoft Certified Azure Security Engineer (Associate)
RHCSA - Red Hat Certified System Administrator
Splunk Enterprise Certified Architect
Splunk Enterprise Security Certified Admin
Splunk IT Service Intelligence Certified Admin
Splunk Enterprise Certified Administrator
Splunk Cloud Certified Admin
Splunk Core Certified Consultant
Splunk SOAR Certified Automation Developer
Splunk Certified Developer
AWS Certified Solutions Architect - Associate
AWS Certified DevOps Engineer - Professional
The Linux Foundation Certified Kubernetes Administrator (CKA)
The Linux Foundation Certified Kubernetes Application Developer (CKAD)
Swimlane Certified SOAR Developer
ISACA Certified Data Privacy Solutions Engineer (CDPSE)
ISACA Certified Information Security Manager (CISM)
Swimlane Certified Administrator
Swimlane Certified SOAR Developer

Must be a US citizen, no clearance required and in addition, must have a current or be able to favorably pass a (BI) Background Investigation to join this program.

Must have experience in the following:
- Splunk Engineering
- Linux and SQL/ODBC interfaces
- App interface development, using REST API's
- Previous project management experience.
- ITIL Change & Configuration Management
- Experience with Ansible and GIT

The candidate should be familiar with recognizing and onboarding new data sources into Splunk, analyzing the data for anomalies and trends, and building dashboards highlighting the key trends of the data. The Splunk engineer should be familiar with a Linux environment, editing and maintaining Splunk configuration files and apps.
The Splunk engineer will work with other Cybersecurity Engineering team members and will be required to interact with end users to gather requirements, perform troubleshooting, and provide assistance with the creation of Splunk search queries and dashboards. The Splunk engineer will be required interact with senior management, as necessary.

OneZero Solutions, LLC is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access www.onezerollc.com/careers as a result of your disability.

To request an accommodation, please contact us at recruiting@onezerollc.com or call (202) 987-2580.