Title: Spunk Engineer SME Belong. Connect. Grow. with KBR! KBR’s National Security Solutions team provides high-end engineering and advanced technology solutions to our customers in the intelligence and national security communities. In this position, your work will have a profound impact on the country’s most critical role – protecting our national security. Why Join Us? + Innovative Projects: KBR’s work is at the forefront of engineering, logistics, operations, science, program management, mission IT and cybersecurity solutions. + Collaborative Environment: Be part of a dynamic team that thrives on collaboration and innovation, fostering a supportive and intellectually stimulating workplace. + Impactful Work: Your contributions will be pivotal in designing and optimizing defense systems that ensure national security and shape the future of space defense. + Implements, tests, and operates advanced software security techniques in compliance with technical reference architecture. • Performs on-going security testing and code review to improve software security. + Troubleshoots and debugs issues that arise. + Provides engineering designs for new software solutions to help mitigate security vulnerabilities. • Contributes to all levels of the architecture and maintains technical documentation. + Consults team members on secure coding practices. Develops a familiarity with new tools and best practices. • Designing, implementing, and maintaining SIEM and SOAR solutions. + Design and implement threat detection, automate incident response processes, integration of various security tools with SIEM and SOAR platforms via APIs + Maintain SIEM applications to collect and aggregate IDS and IPS data from network sensors, raw data from collection agents, firewalls, proxy servers, DLP, antivirus, vulnerability scanner elements, and other security-relevant devices. + Utilize expertise in Splunk "Search" language, Splunk Dashboards, Reports, Lookup Tables, and Summary Indexes. Build Splunk dashboards that take inputs from various data sources such as application logs / operating system logs / middleware logs / network feeds etc. and identify / highlight anomalous activities on the dashboards by their severity levels. + Perform troubleshooting and provide assistance with the creation of Splunk search queries and dashboards. Minimum Qualifications: + Proven experience as a Splunk Administrator or similarly named Splunk focused role. + Strong understanding of Splunk architecture, components, and deployment options. + Proficiency in Splunk Search Processing Language (SPL) for creating complex search queries and reports. + Experience with Splunk data ingestion methods, including forwarders, HTTP Event Collector (HEC), and scripted inputs. + Familiarity with Splunk Enterprise Security (ES), Qumolos, and Splunk SOAR is a plus. • 8140/8570 IAT Level III certification required. Desired Qualifications: 5 to 8 years with BS/BA or 3 to 5 years with MS/MA or 0 to 2 years with PhD. + Solid understanding of IT infrastructure, including networking, operating systems, and security principles. + Excellent problem-solving skills and attention to detail. + Strong communication and collaboration abilities. Basic Compensation: $130,000 to $190,000 This range is for the Maryland area only The offered rate will be based on the selected candidate’s knowledge, skills, abilities and/or experience and in consideration of internal parity. Belong, Connect and Grow at KBRAt KBR, we are passionate about our people and our Zero Harm culture. These inform all that we do and are at the heart of our commitment to, and ongoing journey toward being a People First company. That commitment is central to our team of team’s philosophy and fosters an environment where everyone can Belong, Connect and Grow. We Deliver – Together. KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.