
Senior Principal SIEM Engineer (TS/SCI Required)

Northrop Grumman
Posted a month ago, valid for 2 years
Location

Tampa, FL 33689, US

Salary

$80,000 - $96,000 per annum

Contract type

Full Time

By applying, a Northrop Grumman account will be created for you. Northrop Grumman's Terms & Conditions and Privacy Policy will apply.

Sonic Summary

  • We are seeking a Senior Principal SIEM Engineer to join our team in Tampa, FL, with no virtual or telecommute options available.
  • The ideal candidate must have experience with the Splunk tool or an equivalent SIEM, with responsibilities including the development and implementation of complex Splunk queries.
  • The position requires conducting in-depth investigations into security incidents and collaborating with cross-functional teams to integrate Splunk with various systems.
  • Candidates should have at least 5 years of relevant experience in security engineering and incident response.
  • The salary for this position is competitive and commensurate with experience.

We are looking for you to join our team as a Senior Principal SIEM Engineer based out of Tampa, FL.

Please Note: Due to the classified nature of the work being performed, this position does not offer any virtual or telecommute working options. Applicants are encouraged to apply only if they are willing to work on-site.

Job Responsibilities:

The individual must have experience with the Splunk tool. Splunk is preferred, but experience with an equivalent SIEM would be considered.

  • Develop and Implement Splunk Queries: Create and optimize complex Splunk queries to extract, analyze, and visualize security data from diverse sources. Utilize Splunk Search Processing Language (SPL) to generate actionable insights for proactive threat detection and response.
  • Design Splunk Dashboards and Reports: Design user-friendly Splunk dashboards and reports tailored to different stakeholders, such as security operations teams, management, and auditors. Provide real-time visibility into security events, trends, and key performance indicators.
  • Configure and Maintain Splunk Infrastructure: Configure and fine-tune Splunk deployments, including data inputs, data parsing, field extractions, and data enrichment pipelines. Ensure the continuous availability and optimal performance of Splunk indexes, search heads, and forwarders.
  • Utilize Splunk Enterprise Security: Leverage Splunk Enterprise Security to develop and implement security use cases, correlation searches, and notable events for threat detection and analysis. Monitor security-related alerts and incidents to identify and prioritize security threats.
  • Investigate Security Incidents: Conduct in-depth investigations into security incidents, anomalies, and breaches using Splunk's forensic capabilities. Perform root cause analysis, incident triage, and post-incident reviews to identify gaps in security controls and recommend remediation actions.
  • Collaborate with Cross-Functional Teams: Collaborate with cross-functional teams, including IT, network, and application teams, to integrate Splunk with various platforms and systems. Provide technical expertise in advising on security best practices and designing effective security controls.
  • Documentation and Reporting: Document Splunk configuration, operational procedures, and security findings. Prepare comprehensive reports detailing security events, trends, and mitigation strategies. Communicate technical information effectively to non-technical stakeholders.
  • Collaborate with network engineering teams to strategically deploy network Test Access Points (TAPs) and aggregators to ensure data accuracy, completeness, and compliance.
  • Implement, configure, and manage network TAPs to passively monitor network traffic.
  • Utilize network aggregators to collect, aggregate, and filter data from multiple network sources for effective monitoring and analysis.
  • Help design and engineer Out-of-Band (OOB) SOC infrastructure.



