View all jobs

Cyber Data Analytics Engineer

Beltsville, MD

This position will work a rotating hybrid schedule in Beltsville, MD. WEEK 1 - 2 days onsite, 3 days remote WEEK 2 - 3 days onsite, 2 days remote.


  • Manage the administration of a growing 15 TB/day on-premises Splunk deployment, including both operating system and application aspects.
  • Integrate new data sources and technologies into Splunk Enterprise using the Common Information Model (CIM).
  • Onboard data by directly editing Splunk configuration files, utilizing RegEx skills as needed.
  • Troubleshoot log feeds by effectively communicating with external departments in an enterprise environment.
  • Apply upgrades and patches as necessary to maintain system security and compliance.
  • Assist cyber analysts in solving complex big data search processing challenges using expert SPL knowledge.
  • Support Splunk Enterprise Security and Ansible.
  • The position will require several days per week working onsite in Beltsville, MD.
Basic Qualifications:
  • Requires a Bachelor’s Degree and at least 9 years of experience in IT. Masters in Data Analytics preferred.
  • US Citizenship with a Secret clearance and with the ability to obtain a Top Secret clearance.
  • Must be able to work a hybrid schedule.
  • Hands-on experience with Unix in a STIG environment.
  • Proficiency in working with bash prompts, including editing configuration files and performing troubleshooting analysis with TCPDump.
  • Prior Tier-1 Administrator experience, including familiarity with network protocols such as DNS, DHCP, LDAP, SSH, SMTP, etc.
  • At least 3 years of hands-on Splunk Administration experience in a multi-indexer search head cluster environment.
  • Understanding of security-centric data sets.
  • Familiarity with cloud computing and experience working in a cloud environment.
  • Proficiency in Python, SQL, Bash, and PowerShell.
  • Must have one of the following certifications: CASP+ CE, CCNP, CEH, CFR, CHFI, CISA, CISSP, Cloud+, CND, CySA+, GCED, GCIH, GICSP, or SSCP or the ability to obtain before start date.

Share This Job

Powered by