Splunk Content Developer/Consultant in Houston, TX at Booz Allen Hamilton

Date Posted: 3/12/2018

Job Description

Job Number: R0024727

Booz Allen Hamilton has been at the forefront of strategy and technology for more than 100 years. Today, the firm provides management and technology consulting and engineering services to leading Fortune 500 corporations, governments, and not-for-profits across the globe. Booz Allen partners with public and private sector clients to solve their most difficult challenges through a combination of consulting, analytics, mission operations, technology, systems delivery, cybersecurity, engineering and innovation expertise.

Splunk Content Developer/Consultant

Key Role:

Work as part of an integrated and growing team to develop a new solution, in partnership with Splunk, to monitor and detect Cybersecurity threats in Industrial Control System (ICS) environments. Work with a team of industrial, Splunk, and Cybersecurity experts to develop use cases, data models, and connectors within Splunk to meet the product's overall objectives. Work with clients across the commercial and government space to pilot the solution in real-world environments. Contribute to the overall success of the product roadmap leading up to a successful general availability release in the coming year. Act as a Splunk Search Language (SPL) expert, developing network or endpoint-based anomaly detection alerting logic in SPL and building dashboards to visualize results. Conduct research in security principles, host- and network-based security technologies, industrial control system devices, machine learning algorithms, and attack and mitigation methods. This position requires travel based on client and project needs.

Basic Qualifications:
-3+ years of experience with Splunk, network security, and system security and supporting security event management tools, including SIEMs
-2+ years of experience with rule and advanced logic creation in Splunk
-Experience with using scripting languages to automate tasks and manipulate data
-Experience with working in a large enterprise environment
-Experience with integrating solutions in a multi-vendor environment
-Knowledge of enterprise logging with a focus on application logging
-Knowledge of regular expressions
-Ability to obtain a security clearance

Additional Qualifications:
-Experience in an Incident Response role performing hunt activities
-Experience with enterprise-scale operations and maintenance environments
-Experience with Operational Technology (OT) or Industrial Control Systems (ICS)
-Experience with programming a plus
-Experience with Python
-Experience with various security tools, including Wireshark, Nessus, Nmap, Burp, Proxy, or Snort
-Knowledge of networking protocols
-Ability to be a Splunk language (SPL) expert
-BA or BS degree in CS, IT, or a related field
-Splunk Power User or Architect Certification

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

Integrating a full range of consulting capabilities, Booz Allen is the one firm that helps clients solve their toughest problems by their side to help them achieve their missions. Booz Allen is committed to delivering results that endure.

We are proud of our diverse environment, EOE, M/F/Disability/Vet.


