- Moorestown, NJ
Description:At Lockheed Martin Rotary and Mission Systems, we are driven by innovation and integrity. We believe that by applying the highest standards of business ethics and visionary thinking, everything is within our reach - and yours as a Lockheed Martin employee. Lockheed Martin values your skills, training and education. Come and experience your future!
Our Test Sites Engineering organization employs an exciting mix of technologies to empower all our team member with the best resources available to perform their assignment. We are seeking an Information Technology (IT) professional with proven Splunk (SIEM) Security Information Event Management experience and knowledge to address Risk Management Framework (RMF) compliance and mitigate the insider threat.
The Splunk Engineer will be supporting a strategic cyber security effort. Primary mission of the project will be in implementing a proactive risk management solution to enhance the classified enterprise defense posture. Candidate will work with a highly skilled and experienced team focusing on next generation security solutions. Additionally, this individual will serve as a trusted advisor, technical leader, and cyber-security expert for the organization and drive future growth capabilities from existing engagements. This candidate will function as a security advisor and consultant for customers on people, policy, processes, and technology issues surrounding security engagements, while helping scope and design multi-vendor security solutions for large scale distributed environments and supporting customers in their risk and threat mitigation solutions. Additionally, the Splunk engineer will play a role in the development of additional cyber security offerings to support both emerging and next generation cyber security technologies.
Candidate will work in both a cross-product & cross-program environment that will require working closely with the Cyber/Information Assurance (IA) and Lockheed Martin (LM) Security team to design and optimize hardware architecture (e.g., platform) for large-scale and distributed deployments. Establish best practices and development standards that are embraced by the team. Implements and maintains Splunk platform infrastructure and configuration.
As an IT professional in this role you will assist with the management, coordination, installation, debug and refreshing the computing infrastructure. This will include deploying & maintaining software configuration elements of the Splunk platform that range in scale from single and/or multi server systems to High Performance Computing platforms that include Beowulf clusters, high speed network fabrics/switches, high available storage (SAN), & GP-GPU computing assets, as well as a hybrid set of operating systems software (including but not limited to Linux, Solaris and Windows). The successful candidate will also have responsibilities that extends to Cloud environment. This role will focus on alerts and data content and require strong communication skills to interface with external customers.
Ability to work with a diverse team on security tools and applications providing custom and tailored software changes as required on Splunk to monitor and detect Cyber-security threats in an environment for various users within large program. Experience in working with other Cybersecurity experts to develop use cases, data models, and connectors within Splunk to meet overall program objectives. Act as the Splunk Search Language (SPL) expert in developing network or endpoint-based anomaly detection alerting logic in SPL and building dashboards to visualize results. Able to conduct research in security principles, host and network-based security technologies, industrial controls system devices, machine language learning algorithms, and attack and mitigation methods.
Candidate must be able to obtain & maintain a Security Clearance at the SECRET level.
• Bachelor's degree (BS/BA) in Computer Science, Computer Engineering, Info Security/Network Administration or related field
• Proven experience with Splunk, network security, and system security supporting event management tools, including SIEMs
• Proven experience with rule and advanced logic creation in Splunk including knowledge of through understanding and operational experience with Splunk Search Language
• Development of automated searches and applications using Python, Shell scripting, HTML, CSS and regular expressions
• Thorough understanding of Splunk's Common Information Model (CIM)
• Understanding of Splunk's advanced capabilities to include:
Splunk Enterprise Security (ES)
Splunk User Behavior Analytics (UBA)
Splunk Machine Learning Toolkit
Advance Threat Analytics
• At least 2 years' experience with a scripting language (Bash, Perl, Python)
• Expertise with Linux and Command-line interface
• Experience deploying apps within Splunk or administrating the Splunk platform
• Excellent troubleshooting skills and strong technical learning aptitude required
• Demonstrated ability to articulate and convey advanced technical concepts in presentations and customer meetings
• Candidate must be able to obtain & maintain a Security Clearance at the SECRET level.
• Master's degree (MS/MA) in Computer Science, Computer Engineering, Info Security/Network, IT Administration & Security or related field
• Detailed understanding and strong skill set in operating and working with the Splunk tool set
• Currently hold Splunk specific certifications
• Splunk Administrator
• Maintains Security relevant certifications such as: Security+, Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Security Administrator (CISA)
Lockheed Martin is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
Join us at Lockheed Martin, where your mission is ours. Our customers tackle the hardest missions. Those that demand extraordinary amounts of courage, resilience and precision. They're dangerous. Critical. Sometimes they even provide an opportunity to change the world and save lives. Those are the missions we care about.
As a leading technology innovation company, Lockheed Martin's vast team works with partners around the world to bring proven performance to our customers' toughest challenges. Lockheed Martin has employees based in many states throughout the U.S., and Internationally, with business locations in many nations and territories.
Back to top