Frontend Splunk Security Engineer

Peraton is seeking an experienced Splunk Front-End Engineer to design, build, and maintain rich, user-focused dashboards and reports. You'll translate raw event data into actionable visualizations for asset managers, executives, and security operations teams. Prior FAA experience is highly desirable. Direct collaboration with FAA customers is expected. Remote position with occasional local on-site meeting support in the Washington, DC, Oklahoma City, OK or Egg Harbor Township, NJ area required. Candidates must be local to these areas.

KEY RESPONSIBILITIES
* Architect and implement Splunk dashboards for data-center asset inventory and vulnerability reporting
* Build Executive dashboards that filter and highlight critical assets for situational awareness
* Normalize dashboard layouts, panels, and visualizations to a consistent styling and naming convention
* Optimize searches and SPL queries for performance and scalability
* Integrate new data sources and onboard security systems into Splunk
* Map CVE and asset owner data into asset-centric dashboards
* Produce and maintain dashboard documentation: data sources, queries, drill-downs, and user guides
* Collaborate with stakeholders to plan new dashboards, define requirements, wireframes, and success metrics

Assess, develop, and implement security policies and procedures to align with frameworks such as NIST RMF, FedRAMP, FISMA, ISO 27001, and DoD STIGs.
• Conduct security risk assessments and gap analyses to identify vulnerabilities in systems and networks.
• Ensure compliance with federal regulations, industry standards, and organizational security policies.
• Assist in the preparation of System Security Plans (SSPs), Security Control Assessments (SCAs), and Authority to Operate (ATO) packages.
• Perform Plan of Action & Milestones (POA&M) management, tracking remediation efforts for security findings.
• Monitor security logs, alerts, and events using SIEM tools (e.g., System Security / Information Assurance Analyst, ArcSight, etc.) to detect, investigate, and mitigate cyber threats.
• Respond to security incidents, vulnerabilities, and breaches, conducting forensic analysis and impact assessments.
• Develop and refine incident response plans (IRPs) and participate in cybersecurity exercises and drills.
• Configure and manage security controls, including firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint security, and encryption solutions.
• Support the implementation of Zero Trust Architecture (ZTA) and Identity & Access Management (IAM) controls.
• Perform patch management and vulnerability remediation for IT assets, ensuring compliance with security benchmarks (DISA STIGs, CIS Benchmarks, SCAP).
• Develop and maintain security documentation, policies, and procedures for system accreditation.
• Conduct security awareness training for employees and stakeholders.
• Support audit and certification processes, working with internal and external security assessors.
• Review secure software development lifecycle (SDLC) practices, ensuring applications meet security best practices.
• Assist in securing cloud-based environments (AWS, Azure, Google Cloud) through security controls like CASB, CSPM, and cloud encryption.
• Conduct security reviews for third-party applications and vendors to mitigate supply chain risks.

REQUIRED QUALIFICATIONS

• Bachelor's degree in Computer Science, Cybersecurity, Engineering, Information Systems, Mathematics, Technology, or related IT field with 5 years of relevant experience; or Masters with 3 years of relevant experience; or High School with 9 years of relevant experience.
• Minimum 6 years hands-on experience building and supporting Splunk dashboards, reports, and saved searches.
• 3 years proficiency with SPL, Dashboard Studio, data models, and the Asset Framework.
• 3 years experience using the following tools and technologies: Splunk Enterprise (Search, SPL, Dashboard Studio, Data Models, Asset Framework), Splunk IT Service Intelligence (ITSI),Splunk Security Essential, JIRA, Git, REST APIs, JSON,Basic CSS/HTML for dashboard theming.
• US Citizenship required with the ability to obtain an FAA Public Trust clearance prior to start.
  
  PREFERRED QUALIFICATIONS
• Bachelor's degree in Computer Science, Cybersecurity, Engineering, Information Systems, Mathematics, Technology, or related IT field with 6 years of relevant experience; or Masters with 4 years of relevant experience; or High School with 10 years of relevant experience

• Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified Ethical Hacker (CEH), Certified Authorization Professional (CAP), Security+, Information Technology (IT) certification, or equivalent certification (Must obtain within 12 months of start if not currently certified.)
• Strong understanding of asset-centric reporting, CVE tracking, and executive situational awareness use cases
  * Proven ability to optimize Splunk search performance and design intuitive UI layouts
• In-depth understanding of the Continuous Diagnostics and Mitigation (CDM) program and its phases (vulnerability management, configuration management, identity and access management, and incident response)
• Proficiency in Zero Trust principles, including micro-segmentation, least-privilege access, and continuous verification of users, devices, and services
• Expertise in the NIST Risk Management Framework (RMF) (SP 800-37/SP 800-53), from categorization through monitoring and continuous authorization
• Familiarity with the Cybersecurity Assessment and Secure Mission (CASM) model for evaluating control effectiveness and mission impact
• Knowledge of Federal Information Security Modernization Act (FISMA) requirements and annual reporting processes
• Experience applying FedRAMP security controls for cloud service providers and managing authorization packages (SSP, SAR, POA&M)
• Understanding of DISA STIG and SCAP standards for system hardening and automated compliance checking
• Ability to map organizational controls to CISA CDM dashboard metrics and drive dashboard data integrations
• Writing scripts in Python, PowerShell, or Bash for security automation and log
• Automating security control enforcement using Ansible, Terraform, or cloud- native security tools.
• Securing cloud environments (AWS, Azure, Google Cloud) with Zero Trust, CASB, and cloud-native security controls.
• IAM, Privileged Access Management (PAM), and Role-Based Access Control (RBAC).
• Knowledge of cyber threats, attack vectors, Advanced Persistent Threats (APTs), and malware analysis.
• Security Information and Event Management (SIEM) solutions like Splunk, ArcSight, or QRadar.
• Firewalls, IDS/IPS (Snort, Suricata), VPNs, and endpoint security
• Secure configurations based on CIS Benchmarks, DISA STIGs, and SCAP

• Proficient in analysis activities and capable of applying theoretical body of knowledge, including the ability to apply a variety of standard and advanced analytical techniques and tools.
• Assessing risk impact and security control effectiveness in real-world
• Making data-driven decisions to improve security posture while balancing operational
• Ability to analyze security threats, correlate logs, and identify vulnerabilities in systems and networks.
• Troubleshooting security issues across multi-layered
• Ability to make decisions in accordance with established policies, guidelines and
• Working with cross-functional teams, executives, and auditors to implement security best practices.
• Training employees on security awareness and compliance
• Staying updated with emerging threats, security technologies, and regulatory
• Ability to quickly adapt security strategies to evolving IT environments and
• Writing security reports, compliance documentation (SSPs, POA&Ms), and security
• Communicating security risks effectively to both technical and non-technical stakeholders
• Strong organizational skills with the ability to multi-task, manage time effectively, and handle tight deadlines.
• Highly responsive to requested
• Proficient in analysis activities and capable of applying theoretical body of knowledge, including the ability to apply a variety of standard and advanced analytical techniques and tools.
• Extensive knowledge of business issues and processes as well as IT and Security resources and enabling technologies.
• Skilled in the use of advanced analysis, facilitation and consultative techniques and tools and the ability to apply them in multiple settings of significant complexity.
• Excellent oral and written communication skills including the ability to effectively consult with stakeholders on a diverse range of IT activities.
• Ability to work with confidential and proprietary information using utmost

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.