Splunk SIEM Engineer

Position Overview

Resource Management Concepts, Inc. (RMC) provides high-quality, professional services to government and commercial sectors. Our mission is to deliver exceptional management and technology solutions supporting the protection and preservation of the people and environment of the United States of America.

We are seeking a skilled Splunk SIEM Engineer to lead the evolution of our Splunk environment into a fully operational, enterprise-grade Security Information and Event Management (SIEM) platform. This role will be responsible for both the build-out and ongoing operations of the platform, ensuring it delivers reliable, actionable security insights and supports evolving cybersecurity initiatives. This is a hybrid position that requires regular onsite presence in Crane, Indiana.

Key Responsibilities

- Lead the transformation of the Splunk environment into a fully functional SIEM platform
- Manage and optimize the data ingestion pipeline:
  - Audit existing data sources for relevance and efficiency
  - Eliminate unnecessary data ingestion to control licensing costs
  - Onboard and integrate new data sources
  - Parse, normalize, and map ingested data to the Splunk Common Information Model (CIM)
- Configure, maintain, and optimize Splunk Enterprise Security (ES)
- Configure, maintain, and optimize Splunk security orchestration, automation, and response platform (SOAR)
- Develop and maintain correlation searches, detections, and use cases
- Create and tune alerts to improve fidelity and reduce false positives
- Build dashboards and visualizations for operational awareness and trend analysis
- Monitor overall platform health and performance
- Perform system upgrades, patching, and capacity planning
- Manage intra Splunk certificates
- Manage the lifecycle of security content:
  - Continuously refine detections and correlation rules
  - Enhance visibility and detection coverage based on emerging threats
- Ensure consistent SIEM operations regardless of hosting environment or infrastructure ownership
- Support ongoing security operations and future cybersecurity initiatives

Requirements

Required Qualifications

- A SecurityX, CASP, or equivalent DoD 8140 IAT-3 certification is required
- Security Clearance: An interim DoD Secret security clearance or higher is required to start. Applicant selected may be subject to a security investigation and must meet eligibility requirements for access to classified information.
- Hands-on experience with Splunk Enterprise and Splunk Enterprise Security (ES)
- Strong understanding of SIEM architecture, design, and operations
- Experience with log ingestion, parsing, normalization, and CIM mapping
- Proficiency in developing correlation searches, alerts, and dashboards
- Experience tuning SIEM content to reduce false positives and improve detection accuracy
- Familiarity with data onboarding strategies and license optimization
- Knowledge of cybersecurity principles, threat detection, and incident response
- Experience with system administration tasks including patching, upgrades, and performance monitoring

Preferred Qualifications

- Experience operating Splunk in distributed or multi-tenant environments
- Knowledge of data pipelines and log forwarding technologies (e.g., syslog, APIs, forwarders)
- Familiarity with frameworks such as MITRE ATT&CK
- Experience supporting Zero Trust or advanced security architectures
- Preferred certifications (e.g., Splunk Certified Admin, Splunk ES Certified, Security+)

Benefits

At RMC, we're committed to your career growth! RMC differentiates itself from other firms through its investment in our employees. We invest our resources to train, certify, educate, and build our employees.

RMC can offer you a great place to work with a small company feel and give you the experience, tuition assistance, and certifications that will take your career to the next level. This also includes a competitive paid vacation package with 11 paid federal holidays. Additionally, we also offer high-quality, low-deductible healthcare plans, pet insurance, and a competitive 401K package.

Salary at RMC is determined by various factors, including but not limited to location, a candidate's specific combination of education, knowledge, skills, competencies, and experience, as well as contract-specific requirements.