Splunk Specialist (SIEM Engineer / SOAR SME)

About the Role: EGlobalTech, a Tetra Tech Company, is hiring a Splunk Specialist (SIEM Engineer/SOAR SME) with an active Secret Clearance to join our Cyber Solutions Practice in Arlington, VA and support a federal customer located in Leesburg, VA, on a newly awarded Security Operations Center contract. Qualified candidates should have experience leading a network security environment, such as a Security Operations Center (SOC), Computer Emergency Response Team (CERT), Computer Incident Response Team (CIRT), Computer Incident Response Center (CIRC) or Cyber Security Incident Response Center (CSIRC). This role offers excellent compensation, career growth potential, and a total rewards package that includes PTO, paid holidays and corporate events, continuing education reimbursements, 401K, an Employee Stock Purchase Plan (ESPP) through Tetra Tech, and more! Responsibilities: Assist with coordination and integration of security relevant data into Security Information and Event Management (SIEM) Designs new Splunk solutions based on customer requirements Aids customers in refining existing Splunk deployments while applying Splunk best practices Deploys Splunk in clustered and non-clustered environments (based on customer needs; includes indexer clusters, multi-site indexer clusters, and search head clusters) Guides the customer and support staff to apply best practices to management of Splunk knowledge objects (Apps, Dashboards, Saved Searches, Scheduled Searches, Alerts) Works with data owners and other third parties to design and implement a data pipeline using forwarders and other tools Works with security and other relevant stakeholders to determine high availability requirements and to develop recommendations for replication and related features Provide SIEM engineering efforts and provide direct support to SOC operations Serve as the lead for all Security Orchestration, Automation, Response (SOAR) activities within the SOC SOAR activities include: SIEM Demonstrate SOAR capabilities via SIEM and ticketing system. Demonstrate SOAR capabilities via SIEM and remediation activities. Demonstrate areas where the application of SOAR will provide immediate return on investment. Implement solutions to enable or improve SOAR capabilities. Ensure availability of the SIEM and provide administrative oversight of the tool Responsible for the implementation, operations, maintenance and lifecycle management of the SIEM tool Revise and develop processes to strengthen the current operational activities; review policies and recommend changes to improve tool usage and governance Coordinate with stakeholders to build and maintain positive working relationships Excellent analytical and communicative skills along with collaborative, teaming and interpersonal skills Required Qualifications: Active Secret Clearance Minimum seven (7) years IT experience with at least two (2) years of experience in the role of SIEM/SOAR Content Development. BS Degree in Cyber or IT or an additional six (6) years of work experience substitution Experience working with Splunk Experience working in a SOC type environment. Ability to work on site in Leesburg, VA 3 times a week About Us: EGlobalTech (EGT), a wholly owned subsidiary of Tetra Tech, provides the public sector with innovative solutions, leveraging cutting-edge tools and methodologies to meet the Government’s most pressing business needs. At the core of our business philosophy, technology opportunities are tightly woven with business goals to guide true transformations. EGT integrates cyber, technology, and business expertise to cross-pollinate, educate, and enhance awareness to better prepare for our customer’s challenges. EGT’s innovative advantage is the horizontal R&D services of EGT Labs focused on high-value, repeatable solutions in Artificial Intelligence (AI), Robotic Process Automation (RPA), DevSecOps, and cloud transformation to solve customer challenges and they surface and advance program mission. EGT’s cooperative community of experts makes our solutions adaptive, forward thinking, and teams able to provide end-to-end results. Our highly motivated employees thrive in a culture that encourages out-of-the-box thinking, collaboration, and an environment where you can excel. For more information, please visit our website at www.eglobaltech.com Pay and Benefits Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here. https://www.eglobaltech.com/careers Equal Employment Opportunity: As a condition of employment with EGlobalTech, any successful job applicant will be required to successfully complete a background investigation, which may also include a pre-employment drug screen and/or a credit check for positions in some areas of our business. EGlobalTech is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender, age, status as a protected veteran, sexual orientation, gender identity, or status as a qualified individual with a disability. EGlobalTech participates in the E-Verify program. EEO is the law. COVID Response In order to enter EGT facilities in the U.S. and to attend EGT events outside our facilities, employees are required to be vaccinated for COVID-19 or maintain proof of a negative COVID-19 test within 72 hours of entry. In addition, we are receiving guidance from certain customers that onsite contractor personnel will need to be fully vaccinated to access customer facilities. If you are not vaccinated, please consider getting your COVID-19 vaccination as soon as possible. If you have any questions, please contact your EGT Recruiter.