Splunk Developer; Mid-Level

Position Overview:

The Splunk Team Lead will be responsible for overseeing the Splunk monitoring and analytics operations within the Applied Cybersecurity (ACS) team. This role involves managing the implementation, maintenance, and optimization of Splunk infrastructure, ensuring real-time data analytics, and providing critical insights into cybersecurity posture. The Splunk Team Lead will work closely with various departments, including the Application Services Branch (ASB), development teams, and compliance teams, to ensure the effective use of Splunk for monitoring, reporting, and security hardening.

Key Responsibilities:

• Cyber Posture Reporting:
• Oversee the analysis and reporting of the organization's cyber posture.
• Provide insights into vulnerabilities and recommend actions for improvement.
• Splunk Infrastructure Management:
• Manage the synchronization of Splunk data across all relevant platforms.
• Ensure data consistency, accuracy, and optimal performance of Splunk infrastructure.
• Monitoring and Alerting:
• Implement and maintain monitoring solutions for various systems, including Resolve, Automated Badging Request (A ), and development environments.
• Develop and optimize dashboards for real-time data analytics and automated alerts.
• Development and Server Requests:
• Process and fulfill development account and server requests.
• Ensure proper configuration and accessibility of accounts and servers.
• Compliance and Security:
• Conduct Independent Verification and Validation (IV&V) of audit controls.
• Update and maintain Authority to Operate (ATO) and Security Impact Analysis (SIA) documentation.
• Ensure compliance with security standards and protocols.
• Vulnerability Management:
• Monitor and report on Common Vulnerabilities and Exposures (CVE) trends.
• Prioritize and address remediation efforts based on CVE data.
• Team Leadership:
• Lead and mentor the Splunk team, providing guidance and support.
• Coordinate with other departments to ensure effective collaboration and communication.
• Ongoing Projects:
• Oversee ongoing projects, including Real-time Data Analytics (RTDA) discussions, development cloud specifications, and backend maintenance.
• Ensure timely completion and successful implementation of projects.

Qualifications:

• Education:
• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Experience:
• Minimum of 5 years of experience in cybersecurity, with a focus on Splunk monitoring and analytics.
• Proven experience in managing Splunk infrastructure and real-time data analytics.
• Experience in vulnerability management and compliance.
• Skills:
• Strong knowledge of Splunk, including dashboard creation, data ingestion, and alerting.
• Excellent analytical and problem-solving skills.
• Strong leadership and team management abilities.
• Effective communication and collaboration skills.
• Knowledge of cybersecurity standards and protocols.
• Familarity with Dev Sec Ops  and Cloud (Azure > AWS)
• Certifications:
  
  Splunk, Cloud, Security +, etc.

Key Competencies:

• Attention to Detail:
• Ensure accuracy and thoroughness in monitoring, reporting, and compliance activities.
• Technical Proficiency:
• Demonstrate expertise in Splunk and related technologies.
• Leadership:
• Lead and mentor the Splunk team, fostering a collaborative and productive work environment.
• Problem-Solving:
• Identify and address issues promptly and effectively.
• Communication:
• Communicate clearly and effectively with team members and other departments.