Haystack
← Back to Jobs
Technology

Journeyman Cyber Security Engineer (Splunk/SIPR) - USSOCOM EDAT Zero Trust

KentroTampa, FL🇺🇸United StatesPosted 17 Jul 2026

Quick Overview

Work Type
On Site
Level
Mid Senior

Job Description

Overview

Thank you for considering IT Concepts dba Kentro, where innovation drives opportunity and collaboration leads to success. Our dynamic community of experts is fully committed to advancing our customers' missions, fostering professional growth, and making a positive impact on our communities. By joining our supportive community, you will find that Kentro is dedicated to your personal and professional development. Together, we can drive meaningful change, spark innovation, and achieve extraordinary milestones.

Kentro is seeking a Journeyman Cyber Security Engineer (Splunk) to support the U.S. Special Operations Command (USSOCOM) Enterprise Development, Application and Training (EDAT) Zero Trust initiative. This position provides engineering and operational support for Splunk Enterprise and Splunk Enterprise Security (ES), assisting with the implementation, integration, and optimization of User and Entity Behavior Analytics (UEBA), Security Information and Event Management (SIEM), and Security Orchestration, Automation, and Response (SOAR) capabilities.

The Journeyman Cyber Security Engineer will work as part of a multidisciplinary Zero Trust team supporting the Department of Defense (DoD) Visibility and Analytics pillar while helping automate cybersecurity operations. This role contributes to the deployment, tuning, and maintenance of Splunk capabilities, supports RMF activities, and assists senior engineers in delivering secure, scalable cybersecurity solutions.

Location: Onsite in Tampa, FL

Responsibilities

  • Support implementation, administration, and optimization of Splunk Enterprise and Splunk Enterprise Security (ES).
  • Assist with onboarding, normalizing, and validating security telemetry from enterprise systems and network devices.
  • Configure and tune dashboards, searches, alerts, correlation rules, and reports to improve threat detection and operational visibility.
  • Support UEBA and SOAR integrations within the Zero Trust architecture.
  • Assist with workflow development and automation to improve incident response and operational efficiency.
  • Work collaboratively with ISSOs, cybersecurity engineers, and other government and contractor personnel supporting the Zero Trust initiative.
  • Support RMF activities, including documentation updates, security control implementation, and Authorization to Operate (ATO) package maintenance.
  • Assist in interpreting and implementing DISA Security Technical Implementation Guides (STIGs) and cybersecurity compliance requirements.
  • Participate in security assessments, vulnerability remediation efforts, and system hardening activities.
  • Troubleshoot Splunk platform issues, data ingestion problems, and integration challenges.
  • Provide technical recommendations for improving security monitoring and operational processes.
  • Document engineering configurations, standard operating procedures, and technical implementation guides.
  • Support incident response, log analysis, and cybersecurity investigations as required.
  • Collaborate with senior engineers to implement best practices and continuous improvements across the Zero Trust environment.

Qualifications

  • Education: Bachelor's degree in Computer Science, Information Systems, Cybersecurity, Engineering, or a related field; or Ma/MS
  • Experience: At least 3 years of relevant experience
  • Technical Skills:
    • Experience with Splunk administration and engineering.
    • Experience with Splunk Enterprise Security (ES) operations and configurations.
    • Experience with Splunk telemetry integration, workflow engineering, and tuning
    • Proficiency with Unix and Windows environments.
  • Certification Required:
  • DoD 8570 IAT Level II/ DoW 8140 (511) or Advanced certification (e.g., CISSP)

Preferred Qualifications:

  • Splunk certifications such as Splunk Certified Cybersecurity Defense Architect, Splunk Enterprise Certified Architect, Splunk Certified Cybersecurity Defense Engineer, Splunk Core Certified Advanced Power User, Splunk Core Certified Consultant
  • Experience with scripting or programming languages (e.g., Bash, Python, Java, Perl, .NET).
  • Familiarity with developing and deploying operational and security use cases within Splunk.
  • Familiarity with DoW & NSA Zero Trust Guidance
  • Familiarity with DoW RMF ATO process and answering controls
  • Familiarity with USSOCOM SOFNET

Clearance Requirement:

  • Active TS/SCI Eligibility

Skills

Splunk
Bash
.NET
Java
Perl
Python
Zero Trust

Similar jobs