• Security Information and Event Management Support

    Job Locations US-MD-Woodlawn
    Information Technology
  • Overview

    OBXtek Inc. is an established award-winning business providing information technology and professional management services to the federal government. OBXtek is a leader in its field and is committed to identifying, developing, and delivering innovative, mission-focused technical and logistical solutions to over 15 civilian and military partners in the Federal Government.


    As a prime contractor for 93% of our current work, we possess a robust corporate infrastructure that provides management oversight and support for all our programs. OBXtek pairs lessons learned across disciplines with industry-standard quality practices such as CMMI-DEV Level 3, ITIL, Six Sigma, PMI, and ISO to create processes that leverage best practices and result in novel, successful solutions.


    OBXtek is currently staffing for an Expert Systems Programmer to support SSA's OIS division in developing and supporting the Security Operations Center (SOC) Splunk environment. Splunk software captures, indexes, and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards, and visualizations.

    SIEM Management


    • Create and use Splunk queries and dashboards to identify, categorize, and, if needed, escalate events of interest and manage event data streams;
    • Tune and maintain the Splunk environment;
    • Manage access to the Splunk Enterprise Security Application; and
    • Research and implement advanced event correlation techniques to identify Advanced Persistent Threat (APT) activity and zero-day attacks.

    Splunk Workflow and Content Management


    • Integrate new log sources and data correlation rules into the Splunk environment;
    • Configure and customize existing and new systems and applications; and
    • Advise the agency on matters related to Splunk and security architecture.

    Perform 3rd Tier Security Incident Support


    • Analyze new security incidents when 1st and 2nd tier troubleshooters are unable to determine cause.
    • Recommend course of action to SOC staff and agency management staff.

    Ad Hoc Programming and Script Customization


    • Create ad hoc programs for specific Splunk workflow improvements using PHP, Perl, Batch, Regex, and shell;
    • Modify existing code and scripts (PHP, Perl, Batch, Regex, shell) to reflect the changing work environment;
    • Optimize existing code and scripts (PHP, Perl, Batch, Regex, shell) as the work environment changes; and
    • Customize existing applications using these languages (PHP, Perl, Batch, Regex, shell).

    Develop Threat Intelligence Feeds and Mature Existing Feeds


    • Identify sources of Open Source Intelligence (OSINT) relevant to SSA systems;
    • Integrate these feeds into Splunk;
    • Design and publish Situational Report (SITREP) reports for both system admins and SSA executive staff;
    • Develop a process to integrate and respond to US-CERT SAR reports; and
    • Develop an impact assessment report for threat feeds and Advanced Persistent Threats (APT).
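    The two duties above that are most concrete, "integrate these feeds into Splunk" and the ad hoc Regex/shell scripting listed earlier, usually meet in one small pipeline: normalize a raw indicator feed into a Splunk lookup CSV, then match event fields against that lookup the way a `| lookup ... OUTPUT ...` correlation search would. The script below is an added illustration written for this page; it is not OBXtek's, SSA's, or Splunk's code. The feed format (type,value,source,confidence), the lookup column names, the `dst=`/`host=` log layout, and all addresses and hostnames are constructed assumptions using RFC 5737 test networks and `.example` names.

```shell
#!/bin/sh
# Constructed OSINT indicator feed (hypothetical export, not a real source).
# One indicator per line: type,value,source,confidence. Comments, blank lines,
# stray whitespace, mixed case, bad addresses and duplicates are all present on
# purpose so the normalizer has something to clean up.
FEED='# hypothetical feed export
ip,203.0.113.7,example-osint-list,high
domain,Bad.Example,example-osint-list,medium

IP, 203.0.113.7 ,example-osint-list,high
ip,256.1.1.1,example-osint-list,high
ip,198.51.100.23,example-osint-list,low
'

# Constructed firewall/proxy events (not real traffic).
LOGS='2024-01-05T10:00:01Z src=10.1.2.3 dst=203.0.113.7 action=allow
2024-01-05T10:00:02Z src=10.1.2.4 dst=192.0.2.10 action=allow
2024-01-05T10:00:03Z src=10.1.2.5 dst=198.51.100.23 action=deny
2024-01-05T10:00:04Z src=10.1.2.6 host=BAD.example action=allow
'

# build_lookup FEED: emit a Splunk-style lookup CSV
# (indicator,indicator_type,source,confidence) suitable for a lookup
# definition. Drops comments/blank lines, trims fields, lowercases
# types and domains, rejects malformed IPv4 addresses, dedups by indicator.
build_lookup() {
    printf '%s\n' "$1" | awk -F',' '
    function valid_ipv4(a,   o, n, i) {
        n = split(a, o, ".")
        if (n != 4) return 0
        for (i = 1; i <= 4; i++)
            if (o[i] !~ /^[0-9]+$/ || o[i] + 0 > 255) return 0
        return 1
    }
    BEGIN { OFS = ","; print "indicator", "indicator_type", "source", "confidence" }
    /^[[:space:]]*#/ { next }            # comment line
    $0 ~ /^[[:space:]]*$/ { next }       # blank line
    NF < 4 { next }                      # short row, ignore
    {
        for (i = 1; i <= NF; i++) gsub(/^[[:space:]]+|[[:space:]]+$/, "", $i)
        t = tolower($1); v = $2
        if (t == "ip") { if (!valid_ipv4(v)) next }
        else if (t == "domain") { v = tolower(v) }
        else next                         # unknown indicator type
        if (v in seen) next               # duplicate indicator
        seen[v] = 1
        print v, t, $3, $4
    }'
}

# match_logs LOOKUP_CSV LOGS: shell equivalent of the correlation search
#   ... | lookup threat_indicators indicator AS dst OUTPUT indicator_type,source,confidence
#       | where isnotnull(source)
# Extracts the dst= or host= value from each event, matches it against the
# lookup, and prints one ALERT line per hit (timestamp is field 1).
match_logs() {
    lookup_file=$(mktemp)
    printf '%s\n' "$1" > "$lookup_file"
    printf '%s\n' "$2" | awk '
    NR == FNR {                          # first file: the lookup CSV
        if (FNR > 1 && split($0, f, ",") >= 4) {
            type[f[1]] = f[2]; src[f[1]] = f[3]; conf[f[1]] = f[4]
        }
        next
    }
    NF == 0 { next }
    {
        val = ""
        if (match($0, /(dst|host)=[^ ]+/)) {
            val = substr($0, RSTART, RLENGTH)
            sub(/^[a-z]+=/, "", val)
            val = tolower(val)
        }
        if (val != "" && (val in type))
            printf "ALERT ts=%s indicator=%s type=%s source=%s confidence=%s\n",
                   $1, val, type[val], src[val], conf[val]
    }' "$lookup_file" -
    rm -f "$lookup_file"
}

# Stand-alone run: show the normalized lookup, then the alerts.
LOOKUP=$(build_lookup "$FEED")
printf '%s\n' "$LOOKUP"
match_logs "$LOOKUP" "$LOGS"
```

    On the constructed input the lookup keeps three indicators (the whitespace-padded duplicate and the 256.x address are dropped) and three of the four events alert; the 192.0.2.10 event does not. In Splunk the CSV would be uploaded as a lookup table file and the same logic expressed as a scheduled search over the relevant index, with `confidence` used to decide which hits page an analyst versus land on a dashboard.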



    • Experience: a strong background in Splunk is desired; Splunk certifications are a plus.
    • 10 years of technically related experience.

