Splunk Engineer

Looking for an opportunity to make an impact

At Leidos we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customers success. We empower our teams contribute to our communities and operate sustainably. Everything we do is built on a commitment to do the right thing for our customers our people and our community. The Leidos National Security Sector (NSS) combines technology-enabled services and mission software capabilities in the areas of cyber logistics security operations and decision analytics to support our defense and intel customers mission to defend against evolving threats around the world.

Your greatest work is ahead!

The Multi-domain Solutions Division (MDS) within the Leidos National Security Sector is seeking a skilled Splunk Engineer to join a new cyber security program and play a key role in supporting government-critical systems. You will be part of a program that oversees development integration delivery and operations and maintenance of IT managed security services which encompasses support to monitor the cybersecurity threat and security posture situational awareness for the enterprise. This opportunity is in anticipation of a future contract award!

What youll be doing:

• Support a high-impact federal cybersecurity program focused on protecting critical government infrastructure.
• Design implement and maintain Splunk Enterprise / Splunk Cloud environments to provide real-time visibility advanced analytics and incident detection and response capabilities across complex enterprise systems.
• Design deploy and optimize Splunk Enterprise or Splunk Cloud environments including indexers forwarders and search heads.
• Create and manage custom dashboards reports alerts and data models to support SOC operations and cybersecurity investigations.
• Ingest and normalize diverse data sources (e.g. syslogs Windows Event Logs cloud service logs) using TA and CIM (Common Information Model).
• Tune Splunk correlation rules and detection content to reduce false positives and improve threat detection.
• Automate data ingestion parsing and transformation using Splunks and .
• Assist in the development of Security Information and Event Management (SIEM) use cases and support incident response teams with ad hoc queries and dashboards.
• Maintain system performance reliability and security applying best practices and compliance with NIST FISMA FedRAMP or other government security frameworks.
• Support compliance reporting and continuous monitoring requirements (e.g. CDM RMF).
• Coordinate with cybersecurity analysts engineers and program managers to ensure visibility into threat activity and system health.

What does Leidos need from me

• Active Top Secret/SCI (TS/SCI) with Polygraph security clearance required. Must be U.S. Citizen.
• Bachelors degree in Computer Science Information Security or related field (or equivalent work experience).
• 3 to 5 plus years of experience with Splunk in a security operations or engineering role.
• Hands-on experience with Splunk Enterprise Security (ES) and familiarity with detection engineering practices.
• Strong understanding of log management threat detection and incident response workflows.
• Experience with STIGs RMF FedRAMP NIST 800-53 or other federal cybersecurity compliance requirements.
• Familiarity with cloud environments (AWS Azure or GCP) and cloud-based logging sources.

Favorable if you have:

• Splunk Certified Power User / Admin / Architect / ES Certified.
• Experience with DevSecOps pipelines SOAR or integration with tools like Phantom ServiceNow CrowdStrike or Tenable.
• Familiarity with Elastic Stack Sentinel QRadar or other SIEM platforms (for comparative understanding).

Original Posting:

For U.S. Positions: While subject to change based on business needs Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job education experience knowledge skills and abilities as well as internal equity alignment with market data applicable bargaining agreement (if any) or other law.