Splunk/Python Engineer

CACI International Inc
remote
1 year 2 months ago

Job Description

Job Category: Information Technology

Time Type: Full time

Minimum Clearance Required to Start: None

Employee Type: Regular

Percentage of Travel Required: None

Type Of Travel

  • Looking for an exciting engineer role from the comfort of your home?

What You’ll Get To Do

CACI is seeking a Senior level Systems Integration Engineer with Splunk and GitLab experience to support cybersecurity data collection, analysis, and mitigation.
The work will include support for cybersecurity-related projects that encompass automated event identification and incident response, cybersecurity implementation into a Splunk data-lake, analysis of data derived from cybersecurity tools and use of the results of that analysis to develop enhanced and automated queries, and preparation of presentation materials for Government managers.
The engineer will also work with the Integration Layer Architecture Team to develop an approach for expanding the scope of the existing data integration layer to accommodate data from an expanded set of data sources and data fields, as a part of a future solution deployment. The engineer will be supporting system and server updates and will also be responsible for documenting and maintaining security and change management documentation.
This position will support the Continuous Diagnostics and Mitigation (CDM) Program’s mission to safeguard and secure cyberspace in an environment where the threat of cyber-attack is continuously growing and evolving and is responsible for enhancing the security, resilience, and reliability of the Nation’s cyber and communications infrastructure. The CDM Program defends the United States (U.S.) Federal Information Technology (IT) networks from cybersecurity threats by providing continuous monitoring sensors (tools), diagnosis, mitigation tools, and associated services to strengthen the security posture of Government networks.

More About The Role

  • Engineer, implement and monitor Splunk security measures for the protection of computer systems, networks, and information
  • Identify and define system data collection requirements
  • Design computer security architecture and develop detailed cyber security designs using Splunk or other similar tools with breakthrough technology solutions
  • Create Python scripts to query data sets and integrate the data into dashboard solutions
  • Prepare and document standard operating procedures and protocols for all designed and developed solutions to ensure detailed project documentation
  • Develop technical solutions and investigate new security tools to help mitigate security vulnerabilities and automate repeatable reports using Splunk data-lake or other similar tools
  • Work with the Splunk Team to understand the Python scripts that have been developed for the current solution, and work with the current Python developer to share responsibilities of development work. Develop query mechanisms using Splunk / Python within hours of receiving a data request
  • Deploy Splunk into virtual and cloud environments (AWS and Azure)
  • Understanding of principles in Artificial Intelligence, Machine Learning concepts and techniques
  • Knowledge of AI/ML algorithms and their implementations, or an ability to learn and understand existing implementations
  • A working understanding of Data Science projects and the development methodologies and tooling used by Data Scientists to produce data products (particularly AI/ML products)
  • Develop best practices
  • Lead a group of engineers for specific projects
  • Responsible for developing plans for deployments and maintaining the schedule to completion
  • Automate and optimize deployment, testing, and monitoring
  • Troubleshoot and resolve issues related to systems and applications

You’ll Bring These Qualifications

  • US Citizenship required
  • There is no clearance requirement to begin employment. However, as a requirement of continued employment, you must meet eligibility requirements for access to classified information and be clearable to a Department of Homeland Security (DHS) Entrance on Duty (EOD) authorization.
  • Experience leading a team and organizing work to meet priorities
  • Experience with Python
  • Proficient with GIT
  • Utilized GIT for developing our applications and followed Continuous Integration and Continuous Deployment processes.
  • Proven work experience as a Splunk architect with a Splunk Enterprise Certified Architect certification
  • Experience in building and maintaining data integration and processing systems that receive data feeds from multiple disparate data sources
  • Knowledge of network design and network devices: Cisco, F5, Juniper, and Palo Alto with knowledge of applicable API integration
  • Demonstrated experience with Python programming with REST API based application development experience.
  • Experience using CI-CD tools such as GitLab / Puppet / Ansible for deploying Splunk applications / configurations.
  • Detailed technical knowledge of database and operating system security using Splunk attributes
  • Hands on experience with Splunk collecting cybersecurity data metrics from firewalls, intrusion detection systems, anti-virus software, vulnerability scanners, authentication systems, log management, content filtering, etc.
  • Knowledge of the implementation of attribute-based access control (ABAC) and role-based access control (RBAC) triggers for Splunk
  • Applied hands-on knowledge of the use of Splunk with two or more of the following toolsets: Axonius, Forescout, RedHat Enterprise Linux (RHEL and RHEL KVM), ServiceNow, Tanium, VMWare, Windows Server, Tenable, CrowdStrike
  • Any other relevant certification on tools used for large scale data integration and processing
  • Knowledge / experience of Machine Learning
  • Demonstrated experience with continuous integration and software CM processes / tools (GIT, JIRA, Confluence)
  • Demonstrated experience with building DevOps pipelines for enterprise systems
  • Demonstrated experience working with open-source software and teams on GitHub
  • Understanding and experience working with high availability systems and proper protection of HA systems when pulling data
  • Experience with network security and networking technologies and with system, security, and network monitoring tools
  • Thorough understanding of the latest security principles, techniques, and protocols
  • Familiarity with web related technologies (Web applications, Web Services, Service Oriented Architectures) and of network/web related protocols
  • Problem solving skills and ability to work under pressure
  • BS degree in Computer Science or related field
  • Experience developing, building and deploying software using Bitbucket, Git, Jenkins, and Ansible (or equivalent tools).
  • Experience with Information Systems Security documentation
  • Experience with Compliance and Change Management
  • Experience with Security Assessments
  • Strong communication skills that enable proactive and effective collaboration with a virtual team, including the ability to clearly articulate status and present to both customers and program leadership.
  • Strong written and verbal communication skills to collaborate with and convey focused messages to stakeholders, customers, domain experts, program managers and teammates.
  • Strong attention to detail
  • Moderate math and statistical skills.
  • Exceptional collaboration and organizational skills.
  • Highly responsible, team-oriented individual with very strong communication skills and work ethic; self-starter.
  • Ability to clearly communicate design rationale and build consensus
  • Works independently with minimal supervision
  • Ability to prioritize and manage work to critical project timelines in a fast-paced environment

These Qualifications Would Be Nice To Have

  • Applied hands-on knowledge of the following toolsets: Axonius, Forescout, McAfee ePO, RedHat Enterprise Linux (RHEL and RHEL KVM), ServiceNow, Tanium, VMWare, Windows Server
  • Experience and working knowledge of Elasticsearch, Kibana, Beats, and Logstash (also known as the ELK Stack)
  • Experience and working knowledge of Databricks
  • Any other relevant certification on tools used for large scale data integration and processing
  • Experience with Elastic stack security features, such as client authentication, SSL/TLS configuration, and role-based document filtering.
  • Experience using project management tools such as Jira and Confluence to document requirements, acceptance criteria and test cases.
  • Knowledge / experience of Machine Learning
  • Hands on experience with how Splunk is used to collect cybersecurity data metrics from firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc
  • Understanding and experience working with high availability systems and proper protection of HA systems when pulling data

What We Can Offer You

  • We’ve been named a Best Place to Work by the Washington Post.
  • Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
  • We offer competitive benefits and learning and development opportunities.
  • We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
  • For over 60 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.

Company Overview

CACI is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other protected characteristic.

Pay Range

There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.
Since this position can be worked in more than one location, the range shown is the national average for the position.

The Proposed Salary Range For This Position Is

$104,200-$229,200
