Cyber Security Analyst III (Splunk SIEM Engineering & Development)

Position Overview The Cyber Security Analyst III is responsible for maintaining and enhancing Splunk dashboards, alerts and data integrations that strengthen enterprise threat detection and response. The role collaborates closely with experienced engineers and cybersecurity operations teams to ensure the SIEM environment delivers actionable insights, meets compliance obligations and runs reliably in a complex, regulated environment. Major Activities (Typical Duties/Responsibilities) • Build and maintain Splunk dashboards, reports, and correlation searches to improve visibility into security events. • Help onboard, parse, and normalize log data from various sources (firewalls, endpoints, servers, cloud environments). • Participate in regular Splunk health checks, monitor ingestion pipelines, and assist in troubleshooting performance or parsing issues. • Contribute to the development of basic automation scripts and workflows under the direction of senior engineers. • Work closely with security operations and IT teams to understand their needs and turn them into actionable Splunk solutions. • Maintain accurate configuration records, standard operating procedures, and change logs. • Ensure SIEM operations and configurations remain consistent with NIST SP 800-53, FISMA, and internal cybersecurity requirements. • Stay current on Splunk capabilities, industry trends, and best practices to help advance team maturity. Knowledge/Skills/Abilities • Working knowledge of Splunk Search Processing Language (SPL) for dashboards, reports and alerts. • Understanding of SIEM concepts, including event correlation, log management and alerting. • Familiarity with federal cybersecurity frameworks such as NIST SP 800-53 and FISMA. • Familiarity with the MITRE ATT&CK framework. • Good interpersonal skills: ability to work effectively and cooperatively with all levels of management and staff, affiliated-company employees as well as outside business associates; exhibits a professional manner in dealing with others. • Superior organizational, follow-up and detail-oriented skills. • Strong ability to analyze documents and categorize appropriately. • Ability to maintain accurate records. • Work independently, as well as on a team and with minimal supervision. • Make decisions, solve problems and exercise excellent judgment. • Work well under pressure and independently prioritize workload, while working on multiple projects. • Ability to research, organize and analyze technical information with particular attention to accuracy and detail. • Excellent written and verbal communication skills; including thorough knowledge of proper grammar, advanced vocabulary, spelling, editing and proofreading skills. • Proficient using Microsoft Office products, such as Word, Excel and PowerPoint, and industry-standard computer software and databases. • High degree of sensitivity regarding confidential information. Physical Abilities • Sufficient fine motor skills for the use of computers, calculators with an ability to withstand repetitive keyboarding for extended periods of time. • Visual and communications ability adequate to perform the essential functions of the job. • Ability to kneel, bend and twist at the waist on an occasional basis. • Ability to reach below shoulder height with regular frequency (desk position) and at or above shoulder height on occasion. • Ability to push, pull, carry and lift objects weighing up to 10 pounds on a regular basis, and greater weights on an occasional basis. • Ability to travel by vehicle or aircraft, and ability to safely operate a motor vehicle. Minimum Qualifications • Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or related field and at least five (5) years of progressive experience in information technology or cybersecurity, including two plus (2+) years of direct, hands-on experience with Splunk Enterprise or Splunk ES, or an equivalent combination of education, experience and training. • Ability to pass a background and drug screening. • Must have identification compliant with the Real ID Act at time of hire. • Must be able to obtain Department of Energy access badge. • Must be able to obtain and maintain a U.S. government security clearance. Preferred Qualifications • Splunk Certifications such as Core Certified Power User, Enterprise Certified Admin, or ES Certified Admin. • Experience with Python scripting, API integrations, or SOAR platforms (Cortex XSOAR, Phantom, etc.). • Exposure to cloud logging from AWS or Azure. • Experience supporting cybersecurity operations in a federal or highly regulated environment. Pay Range: $89,596.00-$158,000.00/ yearly Benefits: OSC Technical Solutions offers excellent benefits for eligible employees. Benefits include paid holidays, paid time off, 401k with employer match, dental, vision, health insurance plans through the Federal Employee Health Benefits (FEHB) program, as well as life and disability benefits. OSC Technical Solutions does not discriminate, and the company provides equal employment opportunity for all employees and applicants without regard to race, religion, color, sex, gender, sexual orientation, national origin, citizenship status, age, marital status, pregnancy or parenthood, handicap or disability, genetics, veteran status or any other legally protected characteristic. OSC Technical Solutions adheres to all federal, state and local laws regarding equal employment opportunity and will not discriminate against you in violation of these laws. OSC Technical Solutions reserves the right to apply CIRI Shareholder preference to qualified Shareholders in employment and advancement opportunities. OSC Technical Solutions participates in E-Verify. We will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS), with information from each new employee's Form I-9 to confirm work authorization. Reasonable Accommodation: OSC Technical Solutions will provide reasonable accommodations, according to applicable state and federal laws, to all qualified individuals with physical or mental disabilities. In compliance with the ADA Amendments Act (ADAAA), if you have a disability and would like to request an accommodation in order to apply for a position with OSC Global, LLC or any of its subsidiaries, please email [email protected]. Apply tot his job