Job details

Splunk Engineer - Consultant Certified / SOAR Accreditation / TS/SCI CI Poly (R-00052)

Get a free resume review

True Zero Technologies, a veteran-owned small business, was founded on the principle that the purposeful enablement of people and technology in an organization directly ties to the quality of its outcomes. True Zero recognizes that said outcomes begin and end with our people, and that is what we have built, a community of like-minded, driven, and passionate individuals and innovators who are aligned in a common goal of delivering top tier services to our customers. In 2023, True Zero was recognized as a “Best Places to Work” in two categories ("Prosperous and Thriving" ($5MM – $50MM in gross revenue) and "Mid-Atlantic Region" (DC, DE, MD, NC, VA, WV)) and in 2022, was recognized as one of Inc. Magazine’s Top 5000 Fastest Growing Companies.

True Zero Technologies is seeking experienced Splunk SOAR engineers or consultants to join our Data Analytics Practice. The position supports the design, implementation, and administration of True Zero's federal customers Splunk SOAR environment, integration with the customers large Enterprise Splunk environment and other various tools. Candidates must possess prior experience working with Splunk SOAR, from both an implementation perspective as well as custom playbook development and workflow defining experience. Candidates with experience in AWS Cloud, Cribl, Syslog, and Axonious is a big plus.

As a TZT consultant, the candidate will receive access to the full knowledge base which is driven by the True Zero community as well as the technical backing of the entire PS team. True Zero encourages collaboration and growth through information sharing and knowledge workshops. The candidate will also have access to our internal Slack channel to stay connected with the team as well as the necessary tools to train, demo, test and grow their professional skills.

Qualification Requirements

Minimum 3-5 years of relevant market experience
Splunk SOAR Accreditation or 2 years of Splunk SOAR or equivalent SOAR platform experience
Ability to showcase strong knowledge of Python language
Experience designing and implementing ground up distributed Splunk SOAR installations
Experience with advanced configuration of Splunk SOAR
Experience maintaining and administering enterprise Splunk SOAR environments
Experience developing custom SOAR playbooks, workflows, and configurations
Experience integrating SOAR platform with other tools from both a data and automation perspective
Enterprise experience working with large teams or collaborative environments
Experience working in linux and windows environments, ability to configure:
Storage subsystems (I.e. partitioning, Volume Groups, Logical Volumes, etc.)
SELinux and FAPolicyd
Familiarity with different flavors of Linux distros (RedHat, CentOS, Ubuntu, etc.)
File Permission Settings (linux/windows)
Excellent written and oral skills, ability to work closely with multiple customers, manage expectations, and track engagement scope.

Preferred Qualifications

Splunk Core Consultant Certification
Adept at extracting value from data and establishing security use cases
Proficient in establishing standardized practices and documentation
Possess an understanding of Syslog daemon configuration principles, ideally in Syslog-NG and RSyslog configurations.
Cloud experience (AWS, Azure, etc.)
Cribl Experience, working with source/destination definitions, pipelines and PACKS, as well as experience writing regular expressions and building routes
Experience with Government CDM Programs
Familiarity with the aggregation tool Axonius
Development and API experience (Python, Perl, XML)
Ansible, Spacewalk, and other enterprise automation tool experience.
Hardware experience and storage experience (SAN, NAS, etc.)

U.S. Citizenship is required as this is in support of a Federal Customer.

We’re actively searching for talented security and technology practitioners who are ready to experience the True Zero difference. As a True Zero team member, you'll enjoy:

- Competitive salary, paid twice per month

- Best in class medical coverage

- 100% of medical premiums covered by True Zero

- Company wide new business incentive programs

- Contribution Incentives (i.e. white papers, blog posts, internal webinars, etc.)

- 3 weeks of PTO starting + 11 Paid Holidays Annually

- 401k Program with 100% company match on the first 4%

- Monthly reimbursement of Cell Phone and Home Internet costs

- Paternity/Maternity Leave

- Investment in training and certifications to broaden and deepen your technical skills

True Zero Technologies Glassdoor Company Review

5.0

True Zero Technologies DE&I Review

5.0

CEO of True Zero Technologies

Unknown name

Approve of CEO

Average salary estimate

$100000 / YEARLY (est.)

min

max

$80000K

$120000K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Splunk Engineer - Consultant Certified / SOAR Accreditation / TS/SCI CI Poly (R-00052), True Zero Technologies

Join the innovative team at True Zero Technologies as a Splunk Engineer in Mclean, VA! At True Zero, we believe that the synergy between skilled people and cutting-edge technology leads to superior outcomes for our clients. We're proud to have built a thriving community of passionate professionals dedicated to delivering exceptional services. In this role, you'll support the design, implementation, and administration of our federal customers' Splunk SOAR environments, working closely with their extensive Enterprise Splunk setup. This isn’t just a job; it’s an opportunity to collaborate with fellow experts and make a real impact. Ideal candidates will have 3-5 years of experience in the field and prior expertise with Splunk SOAR, including custom playbook development and serious implementation skills. Your familiarity with AWS Cloud, Syslog, and Axonious will also set you apart! At True Zero, we foster growth and collaboration, offering access to a wealth of resources and an internal Slack channel to keep our team connected. From continuous knowledge-sharing workshops to comprehensive training programs, we provide you with the tools to enhance your professional skills. Plus, enjoy competitive salaries, generous PTO, and full medical coverage – we truly care for our people. If you have the drive to excel and want to contribute to a culture that celebrates success, join us to help redefine what's possible. Experience the True Zero difference today!

Frequently Asked Questions (FAQs) for Splunk Engineer - Consultant Certified / SOAR Accreditation / TS/SCI CI Poly (R-00052) Role at True Zero Technologies

What are the responsibilities of a Splunk Engineer at True Zero Technologies?

As a Splunk Engineer at True Zero Technologies, you will design, implement, and manage Splunk SOAR environments for federal clients. Your day-to-day responsibilities will include developing custom playbooks, administering enterprise environments, integrating with various tools, and collaborating with large teams. You'll be instrumental in enhancing our clients' security operations through effective data management and automation.