Senior Splunk Engineer This position requires an active Public Trust clearance to be considered. A government contract requires that this position be restricted to U.S. citizens or legal permanent residents. You must provide documentation that you are a U.S. citizen or legal permanent resident to qualify. We are seeking a Senior Splunk Engineer to architect, build, and operate Splunk Enterprise and Enterprise Security (ES) across hybrid environments with a strong emphasis on AWS. You will own the Splunk platform end to end—ingest, CIM mapping, ES content, search and dashboard performance, SOAR automations, and ServiceNow IR integrations. You will drive detection, response, and reporting outcomes that meet FISMA/NIST RMF, FedRAMP, and CMMC requirements. You will implement robust governance, RBAC, change control, and audit-ready evidence. You will partner with SOC, IR, cloud, and platform teams to deliver measurable risk reduction and operational efficiency. Compensation & Benefits: Estimated starting salary range: $150,000- $165,000. Pay commensurate with experience. Full-time benefits include Medical, Dental, Vision, 401K, and other possible benefits. Benefits may change with or without notice. Senior Splunk Engineer Responsibilities Include: - Design, deploy, and maintain Splunk Enterprise, indexers, search heads (including SHC), cluster master/CM, deployment server/Deployer, forwarders, and KV stores across on‑prem and AWS. - Engineer scalable data onboarding pipelines, parsing, and indexing with props/transforms, HEC, UF/HF, and S3/SQS/SNS-based ingestion. - Enforce RBAC, data retention, index strategy, knowledge object governance, and change control aligned to federal compliance. - Optimize search performance, data model accelerations, KV store usage, and ES notable event throughput and latency. - Develop and tune ES correlation searches, risk-based alerting (RBA), and adaptive response actions mapped to MITRE ATT&CK. - Build dashboards, investigations, and notable event workflows that reduce false positives and drive analyst efficiency. - Maintain CIM-compliant data models; lead normalization and data quality initiatives across cloud, endpoint, identity, and network sources. - Measure and report detection and response efficacy (MTTR, precision/recall, RBA risk scores, SLA adherence). - Engineer Splunk SOAR (Phantom) playbooks and apps with secure, scalable configurations to triage, enrich, and contain threats. - Integrate ES notables with automated triage and ServiceNow IR for incident creation, enrichment, SLA tracking, approvals, and evidence attachments. - Build AWS-focused detection and response: GuardDuty, CloudTrail, Security Hub, VPC Flow Logs, IAM, EC2, S3; implement safe actions (e.g., EC2 isolation, S3 access updates, EBS snapshots, IAM key rotation/MFA enforcement, Security Hub updates) with human-in-the-loop approvals and rollback. - Integrate EDR and identity platforms for host containment, IOC blocking, and remote response via APIs. - Lead Splunk deployments in AWS including scalability, multi-account/multi-region ingestion, and cross-account automation via Boto3 and native services. - Standardize reusable Python modules, SDK usage, and CI/CD practices for app/deployment packaging and version control. - Map controls to FISMA/NIST RMF, FedRAMP, and CMMC; maintain audit-ready evidence through logging, approval trails, and configuration baselines. - Drive POA&M updates, control validations, and continuous monitoring dashboards. - Champion secrets management, least privilege, and safe-response guardrails in all platform and automation changes. - Translate SOC/IR runbooks (phishing, malware, IAM abuse, EC2 compromise) into reliable detections and automations. - Mentor junior engineers and analysts on SPL, ES content development, CIM, and SOAR playbooks. - Partner with stakeholders to prioritize use cases and deliver quantifiable outcomes. - Other duties as assigned. Experience, Education, Skills, Abilities - 7+ years in security engineering, SOC/IR, or platform engineering, including 4+ years designing and operating Splunk Enterprise and Splunk ES in production. - 3+ years hands-on with Splunk SOAR (Phantom) and automation of ES notables and ServiceNow IR workflows. - Strong AWS experience: GuardDuty, CloudTrail, Security Hub, IAM, EC2, S3, VPC Flow Logs; cross-account and multi-region preferred. - Proven ServiceNow Incident Response integration experience. - Proficiency in SPL, Python, AWS Boto3, Splunk/Phantom SDKs, REST APIs, and Git-based version control. - Deep knowledge of CIM, data model accelerations, index/retention strategy, and search performance tuning. - Strong grasp of MITRE ATT&CK, CVE/CVSS, CISA KEV, and risk-based detection and automation. - Experience aligning operations with FISMA/NIST RMF, FedRAMP, and CMMC; evidence generation and audit support. - Preferred: Splunk certifications (Core Certified Power User/Admin/Architect, ES Admin), AWS certifications, Security+, CySA+, CISSP, GCDA/GCSA. - Preferred: Experience with Splunk SHC, DS/Deployer, KVstore management, ES content management at scale, AWS Organizations, and ServiceNow IR customization/change management integrations. - Must pass pre-employment qualifications of Cherokee Federal. Company Information Criterion is a part of Cherokee Federal – the division of tribally owned federal contracting companies owned by Cherokee Nation Businesses. As a trusted partner for more than 60 federal clients, Cherokee Federal LLCs are focused on building a brighter future, solving complex challenges, and serving the government’s mission with compassion and heart. To learn more about Criterion, visit cherokee-federal.com. Cherokee Federal is a military friendly employer. Veterans and active military transitioning to civilian status are encouraged to apply. #LI-SM2 #Appc Similar Searchable Job Titles - Senior Splunk Engineer - Splunk ES Engineer - Senior Security Analytics Engineer - Security Automation Engineer - Security Orchestration Engineer Keywords - Splunk Enterprise - Splunk ES - Splunk SOAR - AWS - Security Analytics - Incident Response, - ServiceNow IR - CIM - RBA - Automation Legal Disclaimer: All qualified applicants will receive consideration for employment without regard to protected veteran status, disability or any other status protected under applicable federal, state or local law.

• Focus on selling Optiv security services and security technology solutions to key strategic accounts. • Own and coordinate all aspects of the sales cycle within assigned accounts. • Lead a cross-functional team to execute a multi-year strategic account management plan. • Collaborate with client leadership to build a security strategy. • Establish a trusted relationship with the client to position Optiv as their primary security solution partner and provider. • Meet with clients to document their business, technology, and security goals. • Review goals and progress with clients quarterly, engaging executives as necessary.

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description - Lead and produce system threat models for integration of commercial components into a Data Lake platform. - Review Cloud architectures with security lens. - Propose effective security controls within the environment and identify and suggest mitigations for security vulnerabilities. - Simplify complex security topics, lead discussion in technical and business teams, and communicate risk accurately. - Consult with solution architects and development teams to help them align with client's policy and standards and meet the risk appetite of the customer. - Work with members of architecture teams to review and create secure application and infrastructure designs and patterns. - Assist development teams by reviewing threat models related to applications and related systems. Analyze potential business impact and exposure leading to risk, based on emerging security threats, vulnerabilities, configurations, threat actor TTPs, etc. - Evaluate CICD pipeline design and related development team processes and help to mature and secure creation, management, and utilization of pipelines. - Assist in identification and integration of security focused tooling into development and operations processes. - Support secure application architecture within the Federal Reserve System by fostering constructive dialogue and seeking resolution when confronted with discordant views. - Solicit feedback and continuously improve your knowledge, skills and capabilities related to the position. Qualifications - Able to create AWS secure Cloud architecture designs - Understanding of current security threats, techniques, and landscape - Experienced with System threat modeling of applications and platforms - Able to identify and provide mitigations for security vulnerabilities within applications and application environments based on threat models. - Able to simplify complex security topics for business consumption and critical decision making - Clear and accurate communication, excellent soft skills are a must - Able to lead/direct discussions with technical and business teams to achieve common goals. - Able to work well within a team and support team goals - Understand cyber security frameworks such as NIST 800-53 - Ability to work on a geographically distributed team across multiple time zones - Familiarity with SAFe a plus Requirements - Self-starter, able to readily explore and learn new areas and concepts. - Knowledge and experience normally acquired through, or equivalent to, the completion of a Computer Science or Computer Engineering Bachelor's degree with a minimum of 5 years of job-related experience. - Relevant technically focused certifications in Cloud and/or enterprise security architecture such as GCAD or GDSA are advantageous - Experience with AWS commercial or government Cloud - Securing critical workloads in a Cloud environment. - Knowledge and experience with Databricks, Starburst, Collibra and/or Immuta is advantageous. Company Description The Stefanini Group is a global provider of offshore, onshore and near shore outsourcing, IT digital consulting, systems integration, application, and strategic staffing services to Fortune 1000 enterprises around the world. - Our presence is in countries like the Americas, Europe, Africa, and Asia. - More than four hundred clients across a broad spectrum of markets, including financial services, manufacturing, telecommunications, chemical services, technology, public sector, and utilities. - Stefanini is a CMM level 5, IT consulting company with a global presence.

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description This role offers a unique opportunity to influence and shape the evolving legal function within a fast-paced GovTech SaaS environment. You will work closely with business and technical leaders to navigate a diverse array of legal challenges, from commercial contracting to regulations and compliance. The successful candidate will enjoy autonomy and a range of responsibilities that will not only bolster their legal acumen but significantly impact the company's operations. Your expertise will help streamline processes and enhance the effectiveness of our legal function, fostering collaboration across various teams. - Lead the company's commercial contracting function, including drafting and negotiating a variety of agreements. - Provide practical guidance on legal, regulatory, and contractual risks, balancing risk management with business objectives. - Own and improve core contract templates and playbooks to ensure consistent negotiations. - Partner with internal stakeholders to refine contract lifecycle management initiatives. - Assist with dispute resolution and pre-litigation strategy, including managing issues and coordinating with external counsel. - Support corporate governance and entity management alongside the General Counsel. Qualifications - Juris Doctor (JD) from an ABA-accredited law school. - Active membership in at least one U.S. state bar. - 4-7 years of post-JD experience with significant in-house experience preferred. - Excellent communication skills for explaining legal concepts to varied audiences. - High level of integrity and discretion, with proven trust-building capabilities. - Experience in drafting and negotiating technology-focused commercial agreements. - Familiarity with data protection and privacy issues in contracts. Benefits - Remote work opportunity with flexibility in working arrangements. - Access to advanced collaboration tools and technology-rich environment. - Minimal travel requirements, typically 1-2 weeks per year. - Supportive team culture that values professional excellence and responsibility. - Competitive salary range: $155,000–200,000/year. Company Description