Job Description

Description:
At Lockheed Martin Rotary and Mission Systems, we are driven by innovation and integrity. We believe that by applying the highest standards of business ethics and visionary thinking, everything is within our reach and yours as a Lockheed Martin employee. Lockheed Martin values your skills, training and education. Come and experience your future!

Our Test Sites Engineering organization employs an exciting mix of technologies to empower all our team member with the best resources available to perform their assignment. We are seeking an Information Technology (IT) professional with proven Splunk (SIEM) Security Information Event Management experience and knowledge to address Risk Management Framework (RMF) compliance and mitigate the insider threat.

The Splunk Engineer will be supporting a strategic cyber security effort. Primary mission of the project will be in implementing a proactive risk management solution to enhance the classified enterprise defense posture. Candidate will work with a highly skilled and experienced team focusing on next generation security solutions. Additionally, this individual will serve as a trusted advisor, technical leader, and cyber-security expert for the organization and drive future growth capabilities from existing engagements. This candidate will function as a security advisor and consultant for customers on people, policy, processes, and technology issues surrounding security engagements, while helping scope and design multi-vendor security solutions for large scale distributed environments and supporting customers in their risk and threat mitigation solutions. Additionally, the Splunk engineer will play a role in the development of additional cyber security offerings to support both emerging and next generation cyber security technologies.

Candidate will work in both a cross-product & cross-program environment that will require working closely with the Cyber/Information Assurance (IA) and Lockheed Martin (LM) Security team to design and optimize hardware architecture (e.g., platform) for large-scale and distributed deployments. Establish best practices and development standards that are embraced by the team. Implements and maintains Splunk platform infrastructure and configuration.

As an IT professional in this role you will assist with the management, coordination, installation, debug and refreshing the computing infrastructure. This will include deploying & maintaining software configuration elements of the Splunk platform that range in scale from single and/or multi server systems to High Performance Computing platforms that include Beowulf clusters, high speed network fabrics/switches, high available storage (SAN), & GP-GPU computing assets, as well as a hybrid set of operating systems software (including but not limited to Linux, Solaris and Windows). The successful candidate will also have responsibilities that extends to Cloud environment. This role will focus on alerts and data content and require strong communication skills to interface with external customers.

Ability to work with a diverse team on security tools and applications providing custom and tailored software changes as required on Splunk to monitor and detect Cyber-security threats in an environment for various users within large program. Experience in working with other Cybersecurity experts to develop use cases, data models, and connectors within Splunk to meet overall program objectives. Act as the Splunk Search Language (SPL) expert in developing network or endpoint-based anomaly detection alerting logic in SPL and building dashboards to visualize results. Able to conduct research in security principles, host and network-based security technologies, industrial controls system devices, machine language learning algorithms, and attack and mitigation methods.

Candidate must be able to obtain & maintain a Security Clearance at the SECRET level.
Basic Qualifications:
Bachelor's degree (BS/BA) in Computer Science, Computer Engineering, Info Security/Network Administration or related field

Proven experience with Splunk, network security, and system security supporting event management tools, including SIEMs

Proven experience with rule and advanced logic creation in Splunk including knowledge of through understanding and operational experience with Splunk Search Language

Development of automated searches and applications using Python, Shell scripting, HTML, CSS and regular expressions

Thorough understanding of Splunks Common Information Model (CIM)

Understanding of Splunks advanced capabilities to include:
Splunk Enterprise Security (ES)
Splunk User Behavior Analytics (UBA)
Splunk Machine Learning Toolkit
Splunk Cloud
Advance Threat Analytics

At least 2 years experience with a scripting language (Bash, Perl, Python)

Expertise with Linux and Command-line interface

Experience deploying apps within Splunk or administrating the Splunk platform

Excellent troubleshooting skills and strong technical learning aptitude required

Demonstrated ability to articulate and convey advanced technical concepts in presentations and customer meetings

Candidate must be able to obtain & maintain a Security Clearance at the SECRET level.
Desired Skills:
Master's degree (MS/MA) in Computer Science, Computer Engineering, Info Security/Network, IT Administration & Security or related field

Detailed understanding and strong skill set in operating and working with the Splunk tool set

Currently hold Splunk specific certifications

Splunk Administrator

Maintains Security relevant certifications such as: Security+, Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Security Administrator (CISA) Other Important Information You Should Know Expression of Interest: By applying to this job, you are expressing interest in this position and could be considered for other career opportunities where similar skills and requirements have been identified as a match. Should this match be identified you may be contacted for this and future openings.Telecommute: The work associated with this position will be performed at the designated Lockheed Martin facility. Situational telecommuting may be considered and authorized at the discretion of your leader and based upon the role.Work Schedules: Lockheed Martin supports a variety of alternate work schedules that provide additional flexibility to our employees. Schedules range from standard 40 hours over a five day work week while others may be condensed. These condensed schedules provide employees with additional time away from the office and are in addition to our Paid Time off benefits.Schedule for this Position: 9x80 every other Friday offSecurity Clearance Statement: This position requires a government security clearance, you must be a US Citizen for consideration.Clearance Level: Secret Lockheed Martin is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status. Join us at Lockheed Martin, where your mission is ours. Our customers tackle the hardest missions. Those that demand extraordinary amounts of courage, resilience and precision. Theyre dangerous. Critical. Sometimes they even provide an opportunity to change the world and save lives. Those are the missions we care about.

As a leading technology innovation company, Lockheed Martins vast team works with partners around the world to bring proven performance to our customers toughest challenges. Lockheed Martin has employees based in many states throughout the U.S., and Internationally, with business locations in many nations and territories.Experience Level: Experienced ProfessionalBusiness Unit: RMSRelocation Available: PossibleCareer Area: Information Technology Type: Full-TimeVirtual Location: no Shift: First