Are You An Employer?
If you're looking to post a job, go to our employer website. (Thanks, but I'm searching for a job).)
Are You A Job Seeker?
If you're searching for a job, go to our job seeker website. (Thanks, but I'm looking to post a job).)
Don't display this message again x
Sign In
 [New User? Sign Up]
Mobile Version

Info Assurance Engineer Sr - Splunk Engineer

Lockheed Martin


Location:
Rockville, MD
Date:
03/24/2017
Job Code:
371678BR
Lockheed Martin
  •  
  • Save Ad
  • Email Friend
  • Print

Job Details

This position is in the Enterprise Business Services (EBS) organization and supports the Lockheed Martin Computer Incident Response Team (LM-CIRT). This position is responsible for developing content in SPLUNK for cyber security analysts. This role utilizes expertise in SPLUNK Application development, search capabilities, and building data models, dashboards, and queries to enable visibility, detection, alerting, and reporting for cyber security threats. Cyber security threat types can include external threats, insider threats, and security compliance use cases. Logs sources include but not limited to Intrusion Detection Systems (IDS) or Intrusion Prevention Systems (IPS), malware analysis systems, firewall logs, custom object scanners, endpoint security systems, web logs, and server logs

Responsibilities include, but are not limited to:
- Support security analysts in implementing unique use cases and views into the web UI
- Develop and customize Splunk Apps and dashboards and build advanced visualizations
- Implement integration with external systems such as ticketing systems
- Customize queries, promote advanced searching, forensics and analytics, and advance creative solutions to complex problems
- Perform data interpretation, classification and enrichment
- Build data models
- Manage knowledge objects (e.g. fields, extractions, tags, event types, lookups, workflow actions, aliases, macros, etc.)
- Configure summary-based reports and data model acceleration

We are primarily looking for a candidate with strong experience in SPLUNK advanced content development. Domain knowledge and experience in cyber security trade craft and tools is a plus, but not required for candidates applying for the position. This is a fast paced, challenging position where high performance and quick ramp-up is expected. The ability and willingness to support and meet tight deadlines on a continual basis, while staying focused on policies and procedures will produce successful results. The ability to perform effectively and efficiently, both independently and as a member of a diverse virtual team is most valued

WORK LOCATION FOR THIS POSITION IS IN ROCKVILLE, MD

Basic Qualifications
5 years experience working with SIEM technology in the following disciplines:
- Rule and content development for alerting, metrics, and/or reporting
- Collaborating with data owners and customers on understanding data sources and use cases, and successfully translating requirements to actionable content

At least 2 years of experience with SPLUNK with the following components:
- Using SPLUNK Search Processing Language
- Managing SPLUNK knowledge objects (e.g. fields, extractions, tags, event types, lookups, workflow actions, aliases, macros, etc.)
- Experience developing content with regular expressions, performing data interpretation, classification and enrichment
- Demonstrated strong knowledge and hands-on experience with SPLUNK configuration model, web UI and Common Information Model

Excellent team collaboration skills and written communication skills

Ability to obtain and maintain DoD Secret Clearance

Desired skills
Experience developing and customizing SPLUNK Apps

Experience integrating SPLUNK with external systems such as ticketing systems

Basic web design experience and familiarity with XML, HTML, and Javascript

Experience with scripting languages (e.g. Python, perl, bash etc.)

Basic programming skills in Java, C#, or Ruby

As a leading technology innovation company, Lockheed Martin’s vast team works with partners around the world to bring proven performance to our customers’ toughest challenges. Lockheed Martin has employees based in many states throughout the U.S., and Internationally, with business locations in many nations and territories

Join us at Lockheed Martin, where we’re engineering a better tomorrow

Lockheed Martin is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status

Job Location(s): Rockville Maryland

Quick Search:

Enter Keyword(s):
Enter Location:
Advertisements
Advertisements