Booz Allen Hamilton Splunk Security Engineer in Houston, Texas

Splunk Security Engineer in Houston, TX at Booz Allen Hamilton Inc.

Date Posted: 10/13/2018


Job Snapshot

  • Employee Type: Full-Time

  • Location: Houston, TX

  • Job Type: Engineering

  • Experience: Not Specified

  • Date Posted: 10/13/2018

About Us

At Booz Allen, we harness our collective ingenuity to solve our clients’ toughest management and technology problems. We work with governments, Fortune 500 corporations, and not-for-profits around the globe, in industries ranging from defense to health, energy to international development. We believe there is no product, code, or strategy that can create progress—only people can. That’s why for more than 100 years we’ve empowered our team: over 24,000 dreamers, drivers, and doers who work together to change the world.

Job Description

Job Number: R0023803

Splunk Security Engineer

Key Role:

Develop security-focused content for complex client Splunk deployments, focusing on the creation of complex threat detection logic, dynamic operational dashboards, and data source onboarding. Configure and deploy enterprise security, operate Splunk using Security Information and Event Management (SIEM) or Security Event Management (SEM), and architect log management or ingestion solutions. Develop automation for security tools management and create customized searches and applications using programming and development expertise, including CSS, HTML, or JavaScript, Python, Shell Scripting, and regular expressions. Act as a Splunk Search Language (SPL) expert and develop network- or entity-based anomaly detection alert logic in SPL using the ML toolkit.

Basic Qualifications:

- 5+ years of experience with IT
- 1+ years of experience with Splunk, network security, system security, or supporting Security Information and Event Management (SIEM)
- 1+ years of experience with rule and advanced logic creation in Splunk
- Experience with using scripting languages to automate tasks and manipulate data
- Experience with working in a large enterprise environment
- Knowledge of enterprise logging, including application, OS, and security technology logging
- Knowledge of regular expressions
- Ability to demonstrate SPL expertise
- Ability to travel up to 80% of the time
- BA or BS degree

Additional Qualifications:

- 1+ years of experience with performing hunt activities in an incident response role
- Experience with enterprise-scale operations and maintenance environments
- Experience with programming a plus
- Experience with Python
- Experience with security tools, including Firewall, IDS, Active Directory, Nmap, Burp, Proxy, or Bro
- Knowledge of networking protocols
- BA or BS degree in CS, IT, or a related field
- Splunk Admin or Architect Certification

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.
