Junior Security Operations Engineer

This Junior Security Operations Engineer will support enterprise cybersecurity operations, focusing on Splunk, Cribl, and Armis to enhance visibility, detect threats, and support compliance and incident response across on‑premise and cloud environments.

• SIEM & Security Tools Support (Primary Focus)
  • Support and maintain Splunk for log ingestion, search, and security analysis.
  • Work with the TMI team to support the M‑21‑31 mandate.
  • Assist with onboarding, integrating, and validating data sources into SIEM platforms.
  • Support Armis for asset visibility and security monitoring.
  • Support Cribl for log routing, transformation, and pipeline optimization.
  • Ensure reliable log ingestion and data flow into centralized security systems.
• Log Management & Data Handling
  • Analyze logs from Windows, Linux, network, and enterprise systems.
  • Understand log sources and their relevance to security investigations.
  • Ensure logs are centralized, searchable, and investigation ready.
  • Troubleshoot missing, delayed, or malformed log data.
• Troubleshooting & Operational Support
  • Troubleshoot SIEM platforms and supporting infrastructure.
  • Assist internal teams with technical security issues.
  • Resolve issues related to log ingestion, connectivity, and performance.
  • Troubleshoot Splunk Universal Forwarders and resolve issues on Windows and Linux platforms.
• Environment & Platform Awareness
  • Develop understanding of enterprise infrastructure, architecture, and data flows.
  • Understand how logs are generated and consumed by various platforms.
  • Understand interactions between systems and security tools.
• On‑Premise Support & Collaboration
  • Work on site full time initially for hands‑on exposure and collaboration.
  • Support on‑prem systems and infrastructure as needed.
  • Work directly with engineers, admins, and stakeholders to resolve issues.

• At least one year of foundational experience supporting SIEM platforms, particularly Splunk and Armis.
• Experience analyzing logs and security events across enterprise environments.
• Working knowledge of Windows and Linux systems from a security or operational perspective.
• Ability to troubleshoot log ingestion, system connectivity, and tool performance issues.
• Strong analytical, documentation, communication, and collaboration skills.
• Active Public Trust clearance (required).

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field, or equivalent practical experience.
• Any Splunk certification is required.

• Master’s degree in Cybersecurity, Computer Science, Information Technology, or related field.
• Exposure to Whitehouse mandates such as M‑21‑31 or similar compliance frameworks.
• Experience with SIEM engineering, tuning, or data source onboarding.
• Familiarity with tool integrations (Armis, Cribl).
• Basic scripting (Python, Power Shell, Unix shell) or automation experience to support log handling or troubleshooting.
• Cribl training or experience.
• Armis training or experience.
• Security+ or other foundational security certifications.
• Cloud (Azure and AWS) knowledge (training and/or certifications).

• Quarterly bonuses and competitive compensation rates.
• Comprehensive health benefits package and 401(k) retirement plan.
• Employee assistance program for mental health support.
• Company-sponsored continuing education program to pursue degrees or certifications.
• Paid Time Off and 11 paid holidays per year.
• Flexible work options.
• Work/life balance support.