CACI International Arcsight/Splunk Engineer in Chantilly, Virginia

Job Description

Job Description

We're hiring an Arcsight/Splunk Engineer for our CACI team supporting the DHS. You'll be the lead for O&M’ing the Security Event and Incident Management (SEIM) system (Splunk) and associated exchange mechanisms within the CDM Operational Environment. You'll be responsible for directing the work of a team of nine performing this work including 4 sub-contactors. This position will report to the Engineering Support manager who directs the overall O&M efforts of the CDM Solution.

What You’ll Get to Do:

  • Maintain and enhance the CDM data exchange mechanisms, using the Security Content Automation Protocol (SCAP)-compliant Asset Summary Reporting (ASR) format

  • Ensure interoperability between tool sensors and integration layer to include configuring and monitoring the Splunk Search Heads and Forwarders.

  • Responsible for O&M of multiple sensor database types

  • Coordinates with data owners to expose data and then setup mechanisms to ensure data flows correctly

  • Track resource utilization and through-put; recommend technical and process enhancements to improve effectiveness and efficiency

  • Set up and configure Splunk search servers, deployment servers, clustered indexers, and forwarders, as required

  • Configure Splunk integration points and verify functionality in the technical evaluation environment

  • Document build procedures and customizations to provide inputs to functional and operational requirements

  • Create custom reports for ingestion to RSA Archer CDM Dashboard

  • Demonstrate innovative influence for projects

  • Problems faced are difficult and often complex

  • Communicates with parties within and outside of own job function

More About the Role:

  • Prepare status reports at least weekly and monthly and complete other reporting requirements as required

  • Provide QA for team member’s work

  • Responsible for developing, coordinating and maintaining the relevant portions of the Service Operations Handbook and holding team members accountable for following published SOPs.

  • Track and report on team’s performance via formal performance metrics

  • Coordinate and lead outage or security incident responses related to the components of the CDM Solution.

You’ll Bring These Qualifications:

  • BA/BS and 5+ Years of relevant experience

  • Splunk Expert

  • Demonstrated knowledge of ITIL processes and experience leading a Cyber Operations Team using those processes

  • Clear and proven communicator and leader. Must be able to work well in an environment where they are facilitating a large group of government and other contractor personnel to achieve a common goal.

  • Detail oriented – must be able to recognize critical elements of successful operations and then hold themselves and their teams accountable for meeting those critical elements.

  • Flexibility – The environment is very dynamic. The Engineering Manager will be expected to keep up with the changing environment while ensuring a high level of operational effectiveness

  • Team Player – This role is part of a much larger team. The engineering manager will be expected to grow and develop their subordinate team members’ moral and wellbeing as well as support the overall Operations Team and Team CACI’s mission.

These Qualifications Would be Nice to Have:

  • Ability to obtain a DoD Clearance

  • Working knowledge Cyber Security tools like the McAfee and Symantec Suites, Tenable Nesses, ForeScout, RSA Archer

  • Agile developmental experience

  • Relevant DHS or .Gov Cyber Security focused experience

What We Can Offer You:

  • We’ve been named a Best Place to Work by the Washington Post.

  • Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.

  • We offer competitive benefits and learning and development opportunities.

  • We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.

For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.


Job Location


CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.