To our valued Leidos candidates:

Coronavirus is on everyone's mind with the effects being felt around the world. The markets are volatile, and we're all concerned for the health and safety of our families, friends, and colleagues. Please know that we're taking all necessary measures to safeguard our employees, customers and the communities in which we live, including following all recommended best practices around social distancing.

With that in mind, in an abundance of caution, we are canceling all face to face career events, such as job fairs and open house events. In the coming days and weeks, we will be hosting career events virtually, using our online chat tools so that we may continue our hiring practice safely and securely. You can find available virtual career events at

We are using telephone meetings and online chats via Brazen to conduct interviews and hiring discussions, and we are offering options for video interviews so that you can have a virtual face to face meeting with your potential new leader. We do not conduct interviews or extend offers via text or chat based social media, such as WhatsApp or MySpace.

Leidos will never ask you to provide payment-related information at any part of the employment application process, nor will Leidos ever advance money as part of the hiring process. And Leidos will communicate with you only through emails that are generated by automated system. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to Chris Scalia, Leidos’ Senior Vice President of Talent Acquisition, at [email protected].

As a company, as a country, as a world, we have confronted challenging moments before. We are confident that, guided by our values and the strength of our community as well as the commitment we have to the important work we do each day, we will find our way through this time together. We will do this with the care and concern for one another and the common good that defines. Please keep those impacted by the virus in your thoughts.

Close Window
Join our talent network

Job #: R-00052535
Location: Baltimore, MD
Category: Security Architecture and Engineering
Schedule (FT/PT): Full Time
Travel Required: Yes, 25% of the time
Shift: Day
Potential for Telework: Yes, 50%
Clearance: Public Trust
Referral Eligibility: Eligible
Group: Health

Share: mail twitter linkedin


Job Description:

This position is for a Splunk Engineer working with a team of Information Security professionals supporting the full life-cycle (design, installation, administration, and monitoring) of a diverse suite of security tools within multiple datacenters.  This position will be focused on supporting the Centers for Medicare and Medicaid Services (CMS) Continuous Diagnostic and Mitigation (CDM) initiative which includes the enterprise wide implementation of Splunk spanning multiple geographically dispersed datacenters.

The Splunk Engineer provides Splunk lifecycle engineering including design, installation, administration, and monitoring.  Assesses and mitigates system security threats/risks throughout the program life cycle; validates system security requirements definition and analysis; establishes system security designs; implements security designs in hardware, software, data, and procedures; verifies security requirements; performs system certification and accreditation planning and testing and liaison activities, and supports secure systems operations and maintenance.

A successful candidate will:

  • Support the full system life-cycle of Splunk across geographically dispersed enterprise datacenters
  • Work in collaboration with CMS and their System Integrators to help lead the implementation of Splunk
  • Perform end-to-end system administration of physical and virtual infrastructure, focusing on Linux based systems
  • Design, document, and optimize Splunk architecture for large-scale/distributed deployments
  • Customize queries, reports and dashboards
  • Perform security-related investigation via Splunk App for Enterprise Security
  • Participate in architecture and on-going design meetings to ensure adequate logging while enabling business value and outcomes.
  • Monitor system stability and performance and ensure system availability, reliability, and usability
  • Troubleshoot complex problems, resolving operational issues, software fault diagnosis, & interacting with vendors, etc.
  • Plan and deploy architectural improvements as needed
  • Perform server maintenance and system upgrades including service packs, patches, hot fixes, vulnerabilities, and security configuration
  • Monitor system resource utilization, trending, and capacity planning
  • Maintain Splunk standards/policies/procedures.
  • Mentor Jr. Spunk Administrators

The candidate must be a self-starter, a disciplined worker and have a professional reputation for integrity.  The ability to adhere to the highest standards of ethics and professional conduct are an absolute must.  The position requires an individual with a record of success as a team member and motivator, and may provide work direction and guidance to other personnel.

BS degree and 4 – 8 years of prior relevant experience. Experience may be substituted in lieu of degree.

Basic Qualifications:

  • Strong background designing, deploying, and maintaining Splunk Core and Enterprise Security on RHEL in a large distributed environment.
  • Experience with Splunk IT Service Intelligence (ITSI)
  • Experience with Splunk Search Processing Language
  • Experience creating Spunk dashboards
  • General understanding of Splunk knowledge objects (e.g. fields, lookups, macros, etc.)
  • Strong understanding of regular expressions.
  • An in-depth understanding of computer/network security concepts.
  • Strong troubleshooting skills specific to network security and ability to effectively work in cross functional teams as needed to resolve issues.
  • Must have the ability to analyze information from multiple sources and apply it to the operational environment in developing and maintaining the security posture of the network.
  • Must have the ability to work independently on multiple tasks.
  • Strong communication skills (both written and verbal), customer service and teaming skills are required.

Desired Skills:

  • Certification as a Splunk Certified Architect or Splunk Certified Admin
  • 8+ years in the Information Security field with a focus on supporting Splunk.
  • Experience with Incident Response and Cyber Investigation
  • Experience successfully leading a Project Team through the system implementation lifecycle including design, installation, administration, and monitoring.
  • Experience supporting Cloud environments.
  • Current CISSP certification or other relevant security certification.

All candidates supporting the CMS programs must have lived in the United States at least three (3) out of the last five (5) years prior in order to be considered.

External Referral Bonus:


Potential for Telework:

Yes, 50%

Clearance Level Required:

Public Trust


Yes, 25% of the time

Scheduled Weekly Hours:




Requisition Category:


Job Family:

Security Architecture and Engineering

Pay Range:


About Leidos

Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company’s 38,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Va., Leidos reported annual revenues of approximately $11.09 billion for the fiscal year ended January 3, 2020. For more information, visit

Pay and Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.

Securing Your Data

Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].

Commitment to Diversity

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.

   Save Job Saved

Talent Community

Join our Talent Community to create a profile, enabling a streamlined application process and to help our recruiters better understand your areas of expertise and interest.

Join our Talent Community