Job Description
Description:
We're looking for a skilled SIEM Engineer with strong Splunk expertise to join our small, collaborative team. This role requires someone who can architect monitoring solutions, work directly with clients, and thrive in an agile development environment where technical versatility matters.
You'll be a key technical contributor who can design security solutions, educate stakeholders, and adapt as our technology stack evolves. In our tight-knit team, your ability to take initiative, write code when needed, and guide both clients and colleagues will directly shape our success.
Requirements:
Key Responsibilities
- Design, implement, and maintain SIEM solutions (primarily Splunk) for security monitoring, threat detection, and operational intelligence
- Develop custom integrations, parsers, and automation scripts to enhance platform capabilities
- Build dashboards, correlation rules, alerts, and reports aligned to security and business requirements
- Participate actively in Agile/SCRUM ceremonies and sprint-based delivery cycles
- Troubleshoot complex issues across SIEM platforms, data sources, and integration points
- Work directly with clients to gather requirements, deliver solutions, and provide technical education
- Create comprehensive technical documentation for architectures, configurations, and runbooks
- Contribute to development efforts using Python, PowerShell, or similar languages as needed
- Stay current on SIEM technologies (Splunk, Sentinel, Chronicle, QRadar, etc.) and security trends
Skills and Qualifications
- 5–7 years of hands-on experience with Splunk (or equivalent SIEM platform experience)
- Demonstrated ability with SPL (Splunk Processing Language) or similar query languages (KQL, SQL)
- Scripting/development skills in Python, PowerShell, Bash, or similar languages
- Experience working within Agile/SCRUM methodologies
- Strong understanding of log sources, data normalization, parsing, and enrichment
- Excellent communication skills for client-facing interactions and technical education
- Proven ability to work independently and collaboratively in fast-paced, small team environments
- Self-directed problem-solver with strong documentation habits
- Adaptability to learn new SIEM platforms and technologies as organizational needs evolve
- Formal education not required—demonstrated technical ability and soft skills are what matter
- US Citizen with ability to be cleared by a US Government Federal Agency
- Must be local to the DC Metro area