Splunk Engineer

At phia we hire talented and passionate people who are focused on collaborative, meaningful work, providing technical and operational subject matter expertise and support services to our partners and clients.

phia is seeking a Splunk Engineer with a passion for protecting large enterprises from cyber threats. This is a remote position to be performed from within the United States. U.S Citizenship and the ability to obtain a Public Trust are required.

• Tune and configure Splunk Core and Splunk Enterprise Security (ES) services.
• Develop and implement actionable alerts and workflows for Splunk as a SIEM tool.
• Create and manage Apps & Knowledge Objects (KO) including dashboards, reports, and data models.
• Collaborate with Splunk Architect/Admin to promote private KO to Global KO.
• Implement automation to improve CISO workflow efficiency using Splunk.
• Work with CISO end users to build content and develop advanced security use cases.
• Develop risk rules and risk incident rules for correlating and alerting significant cyber events.
• Create custom dashboards for Risk-Based Alerting (RBA) highlighting risk details, health analysis, and risk suppression.
• Configure incident response and remediation workflows for ES notable events.
• Develop custom machine learning models for anomaly-detection based alerting augmentation.
• Participate in requirements gathering, solution architecting, and design of technology solutions for Continuous Monitoring Program.
• Conduct workshops and training sessions for CISO teams on Splunk engineering, searching, and content development.
• Assist CISO Splunk Engineering team with Data Lifecycle Support.
• Work with various stakeholders to implement and maintain event logging across multiple systems and platforms.
• Support off-hours and weekend efforts for incident investigations and systems maintenance.

• 5+ years of experience in information security operations and/or related IT operational functions.
• Experience supporting operational Splunk deployments (e.g. installation & maintenance, data ingestion, creation/configuration/tuning of dashboards/rules/workflows/reports/etc.).
• Experience with SAAS- or cloud-hosted Splunk implementation (preferred).
• Proven ability to provide high-quality written technical reports and effective stakeholder communication.
• Excellent organizational skills.

• U.S. Citizenship required.
• Ability to obtain Public Trust (or higher) government clearance.

• Bachelor’s degree in Computer Science, Information Technology or Information Security or other relevant disciplines.
• Proximity to customer locations in the DMV (DC, MD, or VA) Metro area or Raleigh/Durham, NC is ideal.

• Splunk Core Certified Power User
• Splunk Core Certified Advanced Power User
• Splunk Enterprise Certified Admin
• Splunk Cloud Certified Admin
• Other Splunk or SIEM certifications

#LI-LC1

Who You Are

A proactive problem solver that appreciates the challenges of working in a fast-paced, dynamic environment.

Intellectually curious with a genuine desire to learn and advance your career.

An effective communicator, both verbally and in writing.

Customer service-oriented and mission-focused.

Critical thinker with excellent problem-solving skills

If your experience and qualifications aren’t a match for this position, you will remain in our database for consideration for future opportunities that may be a better fit.

Who We Are

phia, LLC is a Northern Virginia-based, small business established in 2011 with a focus on Cyber Intelligence, Cyber Security/Defense, Intrusion Analysis & Incident Response, Cyber Architecture & Capability Analysis, Cyber Policy & Strategy, and Information Assurance/Security. we proudly support various agencies and offices within the Department of Defense (DoD), Federal government, and private/commercial entities.

phia values work-life balance and offers the following benefits to full-time employees:

Comprehensive medical insurance to include dental and vision

Short Term & Long-Term Disability

401k Retirement Savings Plan with Company Match

Tuition and Professional Development Assistance Flex Spending Accounts (FSA)

phia does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity, or any other reason prohibited by law in the provision of employment opportunities and benefits.