
SIEM Engineer / Splunk Administrator

WOOD Consulting Services, Inc.
paid time off, sick time, 401(k), retirement plan, remote work
United States, Maryland, Annapolis Junction
306 Sentinel Drive
Mar 02, 2025

Location: US-MD-Annapolis Junction

Job ID: WOOD-0005

Number of Positions: 1

Experience (Years): 8

Category: IT Operational Support



Overview

SIEM (Security Information and Event Management) Engineer / Splunk Admin

woodcons.com

Location(s): Annapolis Junction, Maryland and Columbia, Maryland, USA

Job Type: Full-Time

Shift: Days

Telework: None

Salary Range: **$150,000 - $200,000

** Salary ranges are based on minimum education and years of experience and may increase based on education and/or experience.

Overview: Are you a talented Splunk Administrator looking for an exciting new challenge? Join our dynamic team and play a crucial role in safeguarding our critical operational systems. As a Splunk Administrator, you will be at the forefront of configuring and optimizing our event collection, parsing, correlation, and visualization processes. In this role, you will leverage your expertise in system administration, log management, event correlation, and threat detection to ensure our systems operate seamlessly and securely. You will collaborate with a dedicated team to support analysts and end-users, refining and creating reports, analytics, and dashboards that drive informed decision-making.

Your contributions will be vital in integrating resources across teams, enhancing the accuracy of our audit data, and minimizing false positives and negatives. If you are passionate about cybersecurity and eager to make a significant impact, we want to hear from you!

Application Process: Interested candidates should submit their resume detailing their qualifications and experience.

Security Clearance Requirements:

This position requires all candidates to be U.S. Citizens and possess an active TS/SCI Security Clearance with a **Polygraph.

** Updated within the last five (5) years.



Qualifications

Basic Qualifications

  • Splunk Certified Admin strongly preferred.
    • If not Certified, must have extensive, in-depth experience in the engineering and administration of Splunk.
  • At least 8 years of related experience.
  • At least 2 years of experience with one or more of the following: StealthWatch, TripWire, Zenoss, ArcSight, Splunk.
  • Experience in design, implementation, and support of Splunk core components, including: indexers, forwarders, search heads, and cluster managers.
  • Experience with configuration and administration of Splunk ingestion and forwarding for new and existing applications and data.
  • Experience with troubleshooting Splunk data-flow issues between the various Splunk core components.
  • Experience configuring and deploying data collection for a variety of operating systems and networking platforms.
  • Experience creating Dashboards and Analytics within SIEM tools.
  • Experience working with monitoring systems supporting auditing, incident response, and system health.
  • Understanding of networking components and devices, ports, protocols, and basic networking troubleshooting steps.
  • The ability to troubleshoot issues with log feeds, search time, and field extractions.
  • The ability to troubleshoot problems related to data solutions.

Preferred Qualifications

  • Bachelor's Degree in Computer Science, Engineering, Information Assurance, or a related discipline.
  • Network Security Operations Center (SOC) experience.
  • Experience and talent in data visualization.
  • Experience creating workflows for Incident Response within a SIEM Tool.
  • Security+ Certification.
  • GIAC Certified Incident Handler Certification.
  • GIAC Cyber Threat Intelligence Certification.
  • Cybersecurity certifications.
  • Formal SIEM training.
  • Experience working on an Agile team/program.


About WOOD

Fringe Benefits:

  • Health Insurance: Comprehensive medical, dental, and vision plans.
  • Retirement Plan: 401(k) with company match.
  • Paid Time Off: Generous PTO policy including vacation, sick leave, and holidays.
  • Professional Development: Opportunities for training, certifications, and career advancement.
  • Work-Life Balance: Flexible work schedules and remote work options.
  • Wellness Programs: Employee assistance programs, wellness initiatives, and gym membership discounts.

Why Join Us?

  • Impactful Work: Contribute to critical government projects that make a difference.
  • Career Growth: Take advantage of professional development opportunities and career advancement.
  • Supportive Environment: Work in a collaborative and flexible environment that values work-life balance.
  • Competitive Compensation: Enjoy a competitive salary and comprehensive benefits package.

WOOD is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.
