Secret Cleared Security SIEM Splunk Analyst

Insight Global

Job Description

Insight Global is looking to add a Secret Cleared SIEM Splunk Analyst to a federal client's team at Scott Air Force Base in O'Fallon, IL. This individual will be responsible for performing SIEM application support on current and future SIEM products, ensuring data feeds and application operation are maintained, and providing support to cyber security analysts in development of analytics and other operational aspects of the SIEM product. They will primarily be supporting the Splunk SIEM platform, providing support for cyber security analysts in development of analytics using SIEM, and training analysts on operation and higher-level usage of the SIEM tools. They will also be responsible for reporting outages/issues with the SIEM and designing, documenting, deploying, sharing, and supporting complex use-case content packages to adapt to current and future data feeds and sources. This individual will be coordinating with other SIEM experts on the local DISA SIEM team. This is a hybrid working schedule, where this team provides flexibility for onsite / WFH rotation.

Skills and Requirements

4 years of experience supporting a SIEM tool / Splunk

Active DoD secret security clearance with the ability to obtain a TS/SCI

In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (Splunk preferred)

Cyber Security related background / education / certifications with demonstrated understanding of the life cycle of network threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques, and procedures (TTPs)

DoD 8570 IAT Level II or higher certification, such as CompTIA Security+ CE, CySA+, etc., prior to starting

Bachelor's degree

Splunk Core Certified Power User Certification or higher is required within 90 days of hire

Active TS/SCI

Splunk Core Certified Power User Certification

Advanced certifications involving operation/maintenance/administration of at least one enterprise SIEM platform (e.g. Splunk, Elastic/Kibana)

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to