Security Engineer III, Splunk Content Engineer; Secret Clearance
Listed on 2026-06-18
Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever-changing threat landscape. Through powerful solutions and managed services that simplify complexity, we enable our clients to operate with resilience, grow with confidence, and proactively manage to secure success.
As a Security Engineer III on the Government & Public Services team, you will be responsible for…
Implementing automation to optimize workflows and improve security response uniformity across client environments
Developing content for security platforms such as Splunk, Archer, Tanium, Trellix, FireEye, and CrowdStrike
Building, implementing, and managing security information and event management correlation rules, logic, and content
Tuning security information and event management rules and logic to reduce false positives, known errors, and expected network behavior
Creating scheduled and ad hoc reporting, maintaining event schemas, and applying customized security severity criteria
A successful candidate would possess these skills:
Ability to work independently and collaborate as part of a team
Effective written and verbal communication skills
Meticulous attention to detail and quality of work product
Ability to build and sustain professional relationships
Ability to lead projects or work streams
Ability to manage and prioritize multiple tasks in a fast-paced and dynamic environment
Strong interpersonal skills and professional demeanor
Ability to meet deadlines
Ability to mentor and provide clear guidance to others
Qualifications
Required:
Bachelor's Degree required.
Active Secret Clearance required.
Ability to work onsite in Herndon, VA up to 3 days a week.
2+ years of experience within the following:
Developing, implementing, and managing security information and event management correlation rules and content
Experience building and implementing event correlation rules, logic, and content in a security information and event management environment
Experience tuning event correlation rules and logic to filter security events associated with known network behavior, false positives, and known errors
Experience maintaining an event schema with customized security severity criteria
Experience creating scheduled and ad hoc reporting with security information and event management tools
Experience with security information and event management technologies and event collector deployments in Windows and Linux operating environments
Ability to travel 15%, on average, based on the work you do and the clients and industries/sectors you serve.
Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.
Preferred:
Experience creating content for one or more of the following tools:
Splunk, Archer, Tanium, Trellix, FireEye, or CrowdStrike
Experience supporting cyber defense, security operations, or incident response environments
Experience working with government clients or within regulated environments
Experience automating security workflows and operational processes
Experience leading technical work streams or junior team members
Deloitte is committed to providing reasonable accommodations for people with disabilities. If you require a reasonable accommodation to participate in the recruiting process, please direct your inquiries to the Global Call Center (GCC) at
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.