HiringCafe
Posted 3d ago

Splunk SIEM Engineer

@ Resource Management Concepts
View All Jobs
Crane, Indiana, United States
$95k-$112k/yrHybridFull Time
Responsibilities:lead transformation, manage ingestion, configure ES
Requirements Summary:DoD 8140 IAT-3 or equivalent, interim DoD Secret clearance, Splunk ES, CIM, data ingestion and correlation, SIEM tuning, dashboards.
Technical Tools Mentioned:Splunk Enterprise, Splunk Enterprise Security, Splunk SOAR, CIM, log ingestion, correlation searches, dashboards
Save
Mark Applied
Hide Job
Report & Hide
Job Description

Position Overview

Resource Management Concepts, Inc. (RMC) provides high-quality, professional services to government and commercial sectors. Our mission is to deliver exceptional management and technology solutions supporting the protection and preservation of the people and environment of the United States of America.

We are seeking a skilled Splunk SIEM Engineer to lead the evolution of our Splunk environment into a fully operational, enterprise-grade Security Information and Event Management (SIEM) platform. This role will be responsible for both the build-out and ongoing operations of the platform, ensuring it delivers reliable, actionable security insights and supports evolving cybersecurity initiatives. This is a hybrid position that requires regular onsite presence in Crane, Indiana.

Key Responsibilities

  • Lead the transformation of the Splunk environment into a fully functional SIEM platform
  • Manage and optimize the data ingestion pipeline:
    • Audit existing data sources for relevance and efficiency
    • Eliminate unnecessary data ingestion to control licensing costs
    • Onboard and integrate new data sources
  • Parse, normalize, and map ingested data to the Splunk Common Information Model (CIM)
  • Configure, maintain, and optimize Splunk Enterprise Security (ES)
  • Configure, maintain, and optimize Splunk security orchestration, automation, and response platform (SOAR)
  • Develop and maintain correlation searches, detections, and use cases
  • Create and tune alerts to improve fidelity and reduce false positives
  • Build dashboards and visualizations for operational awareness and trend analysis
  • Monitor overall platform health and performance
  • Perform system upgrades, patching, and capacity planning
  • Manage intra Splunk certificates
  • Manage the lifecycle of security content:
    • Continuously refine detections and correlation rules
    • Enhance visibility and detection coverage based on emerging threats
  • Ensure consistent SIEM operations regardless of hosting environment or infrastructure ownership
  • Support ongoing security operations and future cybersecurity initiatives