Join our talent network

Job #: R-00024022
Location: Baltimore, MD
Category: Security Architecture and Engineering
Schedule (FT/PT): Full Time
Travel Required: No
Shift: Day
Potential for Telework: No
Clearance Required: Public Trust
Referral Eligibility: Eligible
Group: Health

Share: mail twitter linkedin


Job Description:

This position is for a Splunk Engineer working with a team of Information Security professionals supporting the full life-cycle (design, installation, administration, and monitoring) of a diverse suite of security tools within multiple datacenters.  This position will be focused on supporting the Centers for Medicare and Medicaid Services (CMS) Continuous Diagnostic and Mitigation (CDM) initiative which includes the enterprise wide implementation of Splunk spanning multiple geographically dispersed datacenters.

The Splunk Engineer provides Splunk lifecycle engineering including design, installation, administration, and monitoring.  Assesses and mitigates system security threats/risks throughout the program life cycle; validates system security requirements definition and analysis; establishes system security designs; implements security designs in hardware, software, data, and procedures; verifies security requirements; performs system certification and accreditation planning and testing and liaison activities, and supports secure systems operations and maintenance.

A successful candidate will:

  • Support the full system life-cycle of Splunk across geographically dispersed enterprise datacenters
  • Work in collaboration with CMS and their System Integrators to help lead the implementation of Splunk
  • Perform end-to-end system administration of physical and virtual infrastructure, focusing on Linux based systems
  • Design, document, and optimize Splunk architecture for large-scale/distributed deployments
  • Customize queries, reports and dashboards
  • Perform security-related investigation via Splunk App for Enterprise Security
  • Participate in architecture and on-going design meetings to ensure adequate logging while enabling business value and outcomes.
  • Monitor system stability and performance and ensure system availability, reliability, and usability
  • Troubleshoot complex problems, resolving operational issues, software fault diagnosis, & interacting with vendors, etc.
  • Plan and deploy architectural improvements as needed
  • Perform server maintenance and system upgrades including service packs, patches, hot fixes, vulnerabilities, and security configuration
  • Monitor system resource utilization, trending, and capacity planning
  • Maintain Splunk standards/policies/procedures.
  • Mentor Jr. Spunk Administrators

The candidate must be a self-starter, a disciplined worker and have a professional reputation for integrity.  The ability to adhere to the highest standards of ethics and professional conduct are an absolute must.  The position requires an individual with a record of success as a team member and motivator, and may provide work direction and guidance to other personnel.

Basic Qualifications:

BS degree and 4 – 8 years of prior relevant experience

  • Strong background designing, deploying, and maintaining Splunk Core and Enterprise Security on RHEL in a large distributed environment.
  • Experience with Splunk Search Processing Language
  • Experience creating Spunk dashboards
  • General understanding of Splunk knowledge objects (e.g. fields, lookups, macros, etc.)
  • Strong understanding of regular expressions.
  • An in-depth understanding of computer/network security concepts.
  • Strong troubleshooting skills specific to network security and ability to effectively work in cross functional teams as needed to resolve issues.
  • Must have the ability to analyze information from multiple sources and apply it to the operational environment in developing and maintaining the security posture of the network.
  • Must have the ability to work independently on multiple tasks.
  • Strong communication skills (both written and verbal), customer service and teaming skills are required.
  • Desired Skills:

  • Certification as a Splunk Certified Architect or Splunk Certified Admin
  • 8+ years in the Information Security field with a focus on supporting Splunk.
  • Experience with Incident Response and Cyber Investigation
  • Experience successfully leading a Project Team through the system implementation lifecycle including design, installation, administration, and monitoring.
  • Experience supporting Cloud environments.
  • Current CISSP certification or other relevant security certification.

All candidates supporting the CMS programs must have lived in the United States at least three (3) out of the last five (5) years prior in order to be considered.

External Referral Bonus:


Potential for Telework:


Clearance Level Required:

Public Trust



Scheduled Weekly Hours:




Requisition Category:


Job Family:

Security Architecture and Engineering


Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $10.19 billion for the fiscal year ended December 28, 2018. For more information, visit

Pay and Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.

Securing Your Data

Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to

Commitment to Diversity

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.

Talent Community

Join our Talent Community to create a profile, enabling a streamlined application process and to help our recruiters better understand your areas of expertise and interest.

Join our Talent Community