Senior Splunk Architect

Qmulos is recruiting cybersecurity technologists who want to challenge themselves by working with brilliant people to solve some of today’s most important technology problems. As an emerging cybersecurity software company in the heart of Washington D.C., we need highly motivated technologists who think of big ideas, work well with others, and build apps that can solve game-changing problems. We need creative people whose intelligence is matched only by their grit. Among only a small group of Silicon Valley-style startups in D.C., Qmulos you’ll work with industry trailblazers and global private-sector clients while using agile product development to solve national security problems.

Develop security focused content for complex client Splunk deployments and focus on the creation of complex detection and alerting logic and log source on-boarding. Operate and maintain the Splunk log management infrastructure and leverage knowledge on a number of security technologies, information security, and networking and comprehensive experience in interacting with clients. Develop advanced reports to meet the requirements of key stakeholders and scalable security management tools and processes. Conduct research in areas, including security principles, host and network-based security technologies, machine learning algorithms, and mitigation methods. Engineer, configure, and deploy Enterprise SIEM/SEM and log management solutions, develop automation for security tools management, and create customized searches and applications using programming and development expertise, including Java, Python, Shell scripting, and regular expression. Automate deployment, integration, and testing of enterprise system and services and create and optimize Big Data correlations as a Splunk search language (SPL) expert.

Basic Qualifications:

• Top Secret Security Clearance REQUIRED
• 4+ years of experience with SPLUNK, network security, and system security, supporting security event management tools (SIEMs)
  
• 2+ years of experience with rule and advanced logic creation within SPLUNK
  
• Experience with using scripting languages to automate tasks and manipulate data
  
• Experience with working in a large enterprise environment
  
• Experience with integrating solutions in a multi-vendor environment, including SaaS environments
  
• Knowledge of enterprise logging, with a focus on security event logging
  
• Knowledge of regular expressions
• Splunk Architect certification and Splunk Consultant - preferred

Additional Qualifications:

• 1+ years of experience in an Incident Response role performing hunt activities
• Experience with enterprise-scale operations and maintenance environments
• Experience with programming a plus
  
• Experience with Python
  
• Experience with various security tools, including Wireshark, Nessus, Nmap, Burp, Proxy, or Snort
  
• Experience with SPL, SQL, and other related search languages
  
• Knowledge of networking protocols
  
• Ability to be a Splunk language (SPL) expert
  
• BA or BS degree in CS, IT, Engineering, or a related field
• Industry recognized security certifications (security, networking, etc )- preferred
• Working knowledge of Splunk Cloud solution offering -preferred
• Working knowledge of AWS - preferred

All your information will be kept confidential according to EEO guidelines.