Cyber Security SIEM/Splunk Enterprise Engineer

Job Locations US-Martinsburg, WV
Job ID 2018-1497



AbleVets, LLC is a fast-growing Service Disabled Veteran Owned Small Business (SDVOSB) providing healthcare information technology services and resources to help the Veterans Affairs (VA) and Department of Defense (DoD) improve the lives of the people they serve. AbleVets has an opportunity for an experienced, motivated Network Cyber Security SIEM/Splunk Engineer to support our VA customer.


The Network Cyber Security SIEM/Splunk Engineer will be responsible for leading an integration and tuning effort using Splunk ES to ensure optimal reporting and alerting capabilities resulting in actionable data. Most importantly, this engineer will have the responsibility for leading a cross-task area working group to set priorities, support planning activities, optimize the solution, and handle anything related to putting new Splunk Enterprise solutions into production use. The position is located on-site at the customer's facility in Martinsburg, WV.

Essential Functions and Job Responsibilities


  • The successful candidate must be well-versed in security operations, cyber security tools, intrusion detection, and secured networks.  They will be responsible for all aspects of security device management, identifying and recommending optimizations to security configurations, and supporting security analytics through tailored detection, analysis, and response services to include the development of custom configurations, signatures, and dashboards. Duties and responsibilities may include, but are not limited to:
    • "Hands-on" leadership of a cross-functional Splunk Enterprise Solution working group consisting of platform providers; senior analytic team members; project managers; and "eyes on glass" staff that develop and use the SIEM capability. The mission of the working group is to advance the VA's leverage of the Splunk ES capability by creating and refining use cases; stabilizing and tuning the core platform; and making sure all stakeholders are well informed and engaged in bringing this capability to fruition.
    • Briefing and providing professional demonstrations of incremental capability improvement to senior members of the Veterans Affairs (VA). 
    • Configuring Splunk Enterprise Security (ES) environments to include all ES software used to conduct SIEM related functions, to ensure that reporting and alerts are pro-active and effective in bringing abnormal conditions to the attention of leadership.
    • Tuning the Splunk ES environment to include all ES software used to conduct SIEM related functions, to ensure that notable events and other intelligence-based analytics enhance the reporting and alerting capabilities of the ES environment.
    • Working directly with third party solution providers for required fixes and support 
    • The ability to provide "hands-on" Splunk ES training to staff 
    • Providing technical support for new detection capabilities, recommendations to improve upon existing tools/capabilities to protect the VA network, and assessments for High Value Assets 
    • Demonstrating strength in identifying issues and determining when escalation is required.
    • Strong customer relationship skills. 



    • Bachelor's degree or higher in Information Technology or other engineering or technical discipline and at least 6 years IT experience to include a minimum of 4 years advanced Cyber Threat Information experience.  Four years of relevant experience may be substituted for the degree requirement with professional certification (e.g., CISSP, GREM or GCIH) 
    • Certification (or ability to obtain certification) in at least one of the following areas: 1) Splunk Certified Administrator, 2) Splunk Certified Architect, 3) SourceFire Certified Professional (SnortCP), 4) CISSP, 5) Palo Alto Accredited Configuration Engineer (ACE)
    • Experience with advanced cyber security tools, network topologies, intrusion detection, PKI, and secured networks 
    • In depth understanding of NIST SP 800-61, US CERT and Office of Management and Budget (OMB) standards 
    • Experience interpreting and implementing cyber security regulations 
    • Excellent verbal communication skills 
    • Strong customer relationship skills.
    • Outstanding written skills for preparing reports and briefings 
    • Excellent analytical and problem solving skills 
    • Must be able to obtain and maintain a U.S. Government security clearance (Public Trust) which will require successful completion of a background check and fingerprinting.

