Are you ready to turn your skills into real-world impact? Join Leidos as a Splunk Security Engineer in Suitland, MD and be at the forefront of mission-critical cybersecurity. From defending networks to building scalable automation, your work will shape the response and resilience of national operations.

 What You’ll Do

As a core member of our security engineering team, you will:

Develop, maintain, and execute automated SOAR playbooks that interact across systems and devicesAnalyze log events, correlate data across multiple sources, and enhance threat detection and response workflowsUsing SOAR connectors, design integrations between Splunk SOAR and standard DoD products such as Trellix ePO, Tanium, Cisco (FirePower, ISE, Email Gateways, AMP, switch/routers), Palo Alto Firewalls, Microsoft Active Directory, DNS, Exchange, SharePoint, IIS, SQL, Apache, Tomcat, RSA SecurID, Tenable.SC and Nessus, VMWare vCenter/ESXi, ServiceNow, Azure and AWS, NetApp, Windows and Linux. Connectors may use APIs, tokens, or service accounts, so understanding these options is importantConfigure and manage Splunk Enterprise Security, including maintaining CIM compliance, Risk-Based Alerting (RBA), ticketing, and SIEM integrationsUpdate and configure new Enterprise Security Content Updates when released.Lead the full lifecycle of automation - from concept through deployment to documentation and tuningBuild visual dashboards, reports, and context-aware incident response toolsSupport operational readiness, compliance, and proactive detection technologies across endpoint, cloud, network, and email infrastructuresApply patches and upgrades to Splunk SOAR and connectorsMaintain existing/create new fleet of Development VMs (Windows, Linux) that allow you to test and demonstrate playbook functionalityFully test and document playbook execution in the Development environment and be authoritative on presentation of playbook examples to new teams targeted for integration

What You’ll Bring

Required:

Active DoD TS/SCI clearanceBachelor’s degree and 8+ years of experience or Master’s and 6+ years. Additional experience, training, or certifications may be considered in lieu of a degree.Current IAT Level II certification (e.g., Security+ CE) or the ability to obtain within 30 days5+ years in Splunk SOAR/Phantom: playbook development, troubleshooting, and integrationsDeep expertise in Splunk Administration, security event analysis, and Python-based automationStrong working knowledge of cross-platform integrations and security tool APIsExperience with process improvement in fast-moving security environments

Preferred:

IAT Level III certification (e.g., CISSP)Splunk Certified Enterprise Security AdministratorProficiency in standard DoD Security and Operational products such as Active Directory, DNS, FWs (packet flows), Email, ACAS, Trellix/Tanium, Splunk, STIGs, Windows/Linux and the standard services associated with these operating systems and productsTechnical writing skills for SOPs and integration documentationCompletion of Splunk SOAR training coursesExperience with MITRE ATT&CK integration and SOC-level triage workflows

Why You’ll Love Working Here

Mission-Focused: Your skills will directly strengthen national security operationsInnovation-Driven: Get hands-on with advanced automation tools and frameworksGrowth-Oriented: Access certifications, trainings, and cutting-edge technical challengesTeam-Centric: Collaborate with passionate experts across cybersecurity, engineering, and intelligence

Ready to Elevate Your Impact?

Apply now and become a driving force behind modern defense operations at Leidos.

NITESONI
EIO2024

Original Posting:July 10, 2025

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:Pay Range $104,650.00 - $189,175.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.