Splunk Engineer

Peraton is seeking an experienced Splunk Engineer to support a critical mission of national importance. The selected candidate will play a key role in designing, building, maintaining, optimizing, and modernizing our enterprise Splunk environment to ensure peak performance, scalability, and mission readiness. Front-end and back-end experience is required.

Responsibilities:

Front-end

Architect and implement Splunk dashboards for data-center asset inventory and vulnerability reporting.
• Build Executive dashboards that filter and highlight critical assets for situational awareness.
• Normalize dashboard layouts, panels, and visualizations to a consistent styling and naming convention.
• Optimize searches and SPL queries for performance and scalability.
• Integrate new data sources and onboard security systems into Splunk.
• Map CVE and asset owner data into asset-centric dashboards.
• Produce and maintain dashboard documentation: data sources, queries, drill-downs, and user guides.
• Collaborate with stakeholders to plan new dashboards, define requirements, wireframes, and success metrics.

Back-end

• Administer and enhance existing Splunk Enterprise and Enterprise Security deployments across the enterprise.
• Manage Splunk system administration, including operating system and application-level support.
• Apply necessary upgrades, patches, and configuration changes to maintain secure and efficient operations.
• Monitor, analyze, and troubleshoot logs to identify and resolve performance or integration issues.
• Collaborate closely with both contractor and government teams to address technical challenges in real time.
• Analyze and resolve system performance concerns such as latency, bottlenecks, and data flow interruptions.
• Design and implement solutions based on stakeholder requirements, ensuring alignment with enterprise architecture goals.

Location: Baltimore metropolitan area

Required Qualifications:

• Bachelor's degree in one of the following fields: Computer Science, Cybersecurity, Data Science, Information Systems, Mathematics, Software Engineering, or Information Technology with 8+ years of relevant experience; or Master's with 6+ years of relevant experience; Four years of additional experience can be considered in lieu of a Bachelor's degree.
• Active TS clearance with SCI eligibility.
• Active CompTIA Security+ certification.
• 3 years proficiency with SPL, Dashboard Studio, data models, and the Asset Framework.
• 3 years experience using the following tools and technologies: Splunk Enterprise (Search, SPL, Dashboard Studio, Data Models, Asset Framework), Splunk IT Service Intelligence (ITSI),Splunk Security Essential, JIRA, Git, REST APIs, JSON, Basic CSS/HTML for dashboard theming.
• Technical Expertise: Proven hands-on experience administering and leading Splunk implementations, including Enterprise Security.

Preferred Qualifications:

• Minimum 6 years hands-on experience building and supporting Splunk dashboards, reports, and saved searches.
• Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified Ethical Hacker (CEH), Certified Authorization Professional (CAP).
• Strong understanding of asset-centric reporting, CVE tracking, and executive situational awareness use cases.
• Proven ability to optimize Splunk search performance and design intuitive UI layouts.
• Excellent documentation skills and experience transferring knowledge to cross-functional teams.
• In-depth understanding of the Continuous Diagnostics and Mitigation (CDM) program and its phases (vulnerability management, configuration management, identity and access management, and incident response).
• Proficiency in Zero Trust principles, including micro-segmentation, least-privilege access, and continuous verification of users, devices, and services.
• Expertise in the NIST Risk Management Framework (RMF) (SP 800-37/SP 800-53), from categorization through monitoring and continuous authorization.
• Familiarity with the Cybersecurity Assessment and Secure Mission (CASM) model for evaluating control effectiveness and mission impact.

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.