Coalfire Federal is a market leading cybersecurity consultancy firm that provides independent and tailored advice, assessments, technical testing and a full suite of cyber engineering services to Federal agency customers.  Coalfire Federal along with its parent company, Coalfire, has an unparalleled client list with deep customer relationships with leading cloud and technology providers including Amazon, Microsoft, IBM, Google and Oracle and Federal agencies.  Coalfire has been a cybersecurity thought leader for over 20 years and has offices throughout the United States and Europe and is committed to making the world a safer place by solving our clients’ toughest security challenges. 

But that’s not who we are – that’s just what we do.

We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.  

We’re currently seeking a SIEM/Splunk Engineer to support our Federal team in Washington, D.C. (Hybrid; 3 days on site). 

• Development, deployment, or administration of Splunk.
• Onboard Splunk ES critical data sources - ingestion of critical data sources/data logs from the enterprise into the Security Information Event Management (SIEM) tool to meet the Splunk Enterprise Security (ES) implementation.
• Normalize Log Data to Common Information Model (CIM) as required by Splunk ES to meet the provided security use cases (Rules/Alerts).
• Create viewable Splunk dashboards to provide visibility into ingested log data.
• Create alerts that trigger/activate on configured setting to deploy or sends a note, email, or attachments to a particulate destination email or groups.
• Create security rules (alerts) that trigger on anomalous activities or threat detections.
• Splunk Support - Assisting Customers with any issues when ingestion of logs that are not working properly or communication issues with Splunk.
• Resolve Splunk infrastructure or system issues.
• Development, deployment, or administration of VMware, RSA NetWitness, Cisco StealthWatch or similar tools.
• Check virtual server availability, functionality, integrity, and efficiency.
• Manage virtual server resources including performance, capacity, availability, serviceability, and recoverability.
• Monitor and maintain virtual server configuration.
• Diagnose failed servers or connectivity problems.

• Experience working with cloud services such as AWS, Azure and O365 and cloud access security brokers.
• Experience in the use of network monitoring tools with a strong understanding of network protocols.
• Ability to perform security analysis, development and implementation of security policies, standards, and guidelines.
• Ability to quickly explore, examine and understand complex security problems and how it affects a customer’s business.
• Experience with both the Linux and Windows operating systems.

Education
Completed Bachelor’s degree from an accredited university is required, preferably in an IT related field.

Clearance / Suitability 

Ability to obtain a clearance or a Public Trust is preferred, however all clearance levels and non-cleared applicants will also be considered.

Certifications 

Our aim is to build a technologically diverse team - so while we don’t have a set list, there may be certain benchmarks we look for that apply to your expertise. We recommend checking out the DoD Approved 8570 Baseline Certifications as an example.

Preferred certifications typical for roles in our federal delivery services may include one or more of the following: Security+, CEH, CISA, CISSP, CISM

Years of Experience 

At least 5 to 7 years of hands-on experience with security monitoring tools such as IDS/IPS, FWs and NACs and protocols such as NetFlow (Snort, Bro, Palo Alto, Checkpoint, Cisco ISE, FireEye, Gigamon).

Our people make Coalfire Federal great. We work together on interesting things and achieve exceptional results. We act as trusted advisors to our customers and are committed to client-focused innovation as well as innovation in the industries that we serve.

Coalfire offers our people the chance to grow professionally with colleagues they like and respect while tackling challenges that stretch their minds and expand their skill sets. Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more.

You’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support memberships, and comprehensive insurance options.  

Coalfire is an EEO employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.