Splunk SIEM Engineer

Position Overview

Resource Management Concepts, Inc. (RMC) provides high-quality, professional services to government and commercial sectors. Our mission is to deliver exceptional management and technology solutions supporting the protection and preservation of the people and environment of the United States of America.

We are seeking a skilled Splunk SIEM Engineer to lead the evolution of our Splunk environment into a fully operational, enterprise-grade Security Information and Event Management (SIEM) platform. This role will be responsible for both the build-out and ongoing operations of the platform, ensuring it delivers reliable, actionable security insights and supports evolving cybersecurity initiatives. This is a hybrid position that requires regular onsite presence in Crane, Indiana.

Key Responsibilities

• Lead the transformation of the Splunk environment into a fully functional SIEM platform
• Manage and optimize the data ingestion pipeline:
• Audit existing data sources for relevance and efficiency
• Eliminate unnecessary data ingestion to control licensing costs
• Onboard and integrate new data sources

• Parse, normalize, and map ingested data to the Splunk Common Information Model (CIM)
• Configure, maintain, and optimize Splunk Enterprise Security (ES)
• Configure, maintain, and optimize Splunk security orchestration, automation, and response platform (SOAR)
• Develop and maintain correlation searches, detections, and use cases
• Create and tune alerts to improve fidelity and reduce false positives
• Build dashboards and visualizations for operational awareness and trend analysis
• Monitor overall platform health and performance
• Perform system upgrades, patching, and capacity planning
• Manage intra Splunk certificates
• Manage the lifecycle of security content:
• Continuously refine detections and correlation rules
• Enhance visibility and detection coverage based on emerging threats

• Ensure consistent SIEM operations regardless of hosting environment or infrastructure ownership
• Support ongoing security operations and future cybersecurity initiatives

Requirements:
Required Qualifications

• A SecurityX, CASP, or equivalent DoD 8140 IAT-3 certification is required.
• Security Clearance: An interim DoD Secret security clearance or higher is required to start. Applicant selected may be subject to a security investigation and must meet eligibility requirements for access to classified information.
• Hands-on experience with Splunk Enterprise and Splunk Enterprise Security (ES)
• Strong understanding of SIEM architecture, design, and operations
• Experience with log ingestion, parsing, normalization, and CIM mapping
• Proficiency in developing correlation searches, alerts, and dashboards
• Experience tuning SIEM content to reduce false positives and improve detection accuracy
• Familiarity with data onboarding strategies and license optimization
• Knowledge of cybersecurity principles, threat detection, and incident response
• Experience with system administration tasks including patching, upgrades, and performance monitoring

Preferred Qualifications

• Experience operating Splunk in distributed or multi-tenant environments
• Knowledge of data pipelines and log forwarding technologies (e.g., syslog, APIs, forwarders)
• Familiarity with frameworks such as MITRE ATT&CK
• Experience supporting Zero Trust or advanced security architectures
• Preferred certifications (e.g., Splunk Certified Admin, Splunk ES Certified, Security+)
• Required certification CompTIA SecurityX (CASP)

Benefits:
At RMC, we're committed to your career growth! RMC differentiates itself from other firms through its investment in our employees. We invest our resources to train, certify, educate, and build our employees.

RMC can offer you a great place to work with a small company feel and give you the experience, tuition assistance, and certifications that will take your career to the next level. This also includes a competitive paid vacation package with 11 paid federal holidays. Additionally, we also offer high-quality, low-deductible healthcare plans, pet insurance, and a competitive 401K package.

Salary at RMC is determined by various factors, including but not limited to location, a candidate's specific combination of education, knowledge, skills, competencies, and experience, as well as contract-specific requirements. The current annual salary range for this position will be $95,000 to $112,000.