Senior Cybersecurity Engineer

Position Summary

Peraton is seeking a highly experienced Senior Cybersecurity Engineer to support federal government cybersecurity operations and enterprise security analytics initiatives. This position is responsible for designing, implementing, securing, and maintaining complex Splunk environments that support mission-critical security monitoring, threat detection, incident response, compliance, and operational analytics requirements within a government contracting environment.

The ideal candidate will possess advanced expertise in Splunk engineering, cybersecurity operations, and federal security compliance frameworks, with demonstrated experience supporting secure enterprise systems in highly regulated environments. This role requires collaboration with government stakeholders, program managers, cybersecurity teams, and enterprise infrastructure personnel to ensure scalable, resilient, and compliant security solutions.

Key Responsibilities

• Design, implement, administer, and optimize enterprise Splunk architectures supporting federal cybersecurity operations and mission requirements.
• Engineer and maintain scalable data ingestion, indexing, normalization, correlation, visualization, alerting, and reporting capabilities across classified and unclassified environments.
• Develop and maintain Splunk Enterprise Security (ES) use cases, correlation searches, dashboards, threat detections, and automated alerting capabilities.
• Collaborate with government customers, ISSOs, ISSMs, SOC analysts, system administrators, and program leadership to gather operational and compliance requirements.
• Integrate Splunk with enterprise security technologies including firewalls, IDS/IPS, EDR solutions, vulnerability management tools, identity and access management systems, cloud security platforms, and network monitoring solutions.
• Support Security Operations Center (SOC) activities including threat hunting, incident response, forensic investigations, and continuous monitoring initiatives.
• Implement cybersecurity best practices and hardening standards for Splunk infrastructure in accordance with federal security requirements.
• Ensure Splunk environments comply with federal cybersecurity frameworks including NIST 800-53, RMF, FISMA, DOE cybersecurity directives, Zero Trust Architecture, and Continuous Diagnostics and Mitigation (CDM) requirements.
• Develop custom Splunk applications, APIs, scripts, and automation workflows to improve operational efficiency and security visibility.
• Perform system upgrades, patch management, performance tuning, troubleshooting, and capacity planning for distributed Splunk environments.
• Support Authority to Operate (ATO) processes by developing and maintaining required cybersecurity documentation, artifacts, and audit evidence.
• Create and maintain architecture diagrams, standard operating procedures, security documentation, and technical implementation guides.
• Provide technical leadership, mentorship, and guidance to junior engineers and cybersecurity analysts.
• Participate in cybersecurity assessments, audits, tabletop exercises, and compliance reviews.

Required Qualifications

• Minimum of 16 years with HS; 12 years with BS/BA; Minimum of 10 years with MS/MA; Minimum of 7 years with Ph.D.
  Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, Engineering, or related discipline; equivalent experience may be substituted.
• Strong expertise in Splunk distributed architectures
• Experience supporting Security Operations Centers (SOC) and enterprise continuous monitoring programs.
• Demonstrated experience implementing and maintaining systems in compliance with:
  • NIST 800-53
  • RMF (Risk Management Framework)
  • FISMA
  • Zero Trust Architecture
  • DOE or other federal cybersecurity directives
• Strong understanding of cybersecurity principles including threat detection, incident response, vulnerability management, identity management, and network security.
• Excellent analytical, troubleshooting, and communication skills.
• Ability to work effectively in fast-paced, mission-focused government environments.
• Ability to obtain DOE Q/SCI clearance.

Preferred Qualifications

• Splunk certifications such as:
  • Splunk Enterprise Certified Architect
  • Splunk Enterprise Security Certified Admin
  • Splunk Core Certified Power User
• Industry certifications such as:
  • CISSP
  • GIAC
  • Security+
  • CEH
  • CySA+
• Experience supporting Department of Energy (DOE)