Splunk Engineer

 
Remote · Senior
💰$126–189K
Washington, 🇺🇸 United States
Technology

Requisition #518

Job Title: Splunk Engineer

Location: REMOTE

Clearance Level: Active DoD - Public Trust

Salary Range: $126,000 - $189,000

Required Certification(s):

· Must have a Splunk certification

SUMMARY

The Security Operations Center (SOC) is a U.S. Government program responsible for preventing, identifying, containing, and eradicating cyber threats to the client's networks through monitoring, intrusion detection, and protective security services for the client's information systems. The SOC is responsible for the overall security of the client's enterprise-wide information systems, and collects, investigates, and reports any suspected and confirmed security violations.

The Splunk Engineer will install and maintain Splunk infrastructure, gather requirements from customers, onboard data, and assist end users with searches, dashboards, reports, and knowledge objects. The Splunk Engineer may be required to interact with senior management, as necessary. Conceptualize, design, build, and maintain current and future customer-supported tools and platforms. Manage multiple assignments, changing priorities, and work independently with little oversight. Lead team of Splunk engineers in the management of Splunk solution to optimize data availability for SOC and other stakeholders. Develop data storage, access, and retention strategies for a large IT enterprise using industry standards and best practices to advise Customer executive-level stakeholders. Design, build, implement, and administer Splunk infrastructure in on-prem and cloud environments.

JOB DUTIES AND RESPONSIBILITIES

· Conceptualize, design, build, and maintain current and future customer-supported tools and platforms

· Manage multiple assignments, changing priorities, and work independently with little oversight

· Lead team of Splunk engineers in the management of Splunk solution to optimize data availability for SOC and other stakeholders.

· Develop data storage, access, and retention strategies for a large IT enterprise using industry standards and best practices to advise Customer executive-level stakeholders

· Design, build, implement, and administer Splunk infrastructure in on-prem and cloud environments.

· Create, manage, and support automation solutions for Splunk deployment and orchestration in on-prem and cloud environments

· Work with existing and custom Splunk applications and add-ons to fulfill customer needs

· Provide overall engineering and design support for a distributed Splunk environment consisting of heavy forwarders, indexers, and search head servers, spanning security, performance, and operational roles

· Onboard data to Splunk via forwarder, scripted inputs, TCP/UDP, and modular inputs from various sources

· Normalize data to ensure CIM compliance, and develop data models to accelerate queries, dashboards, and correlation searches

· Work closely with all relevant stakeholders to solve technical problems at the network, system, and application levels

· Conduct periodic architectural reviews of Splunk and related systems to assess effectiveness and propose optimal installation alternatives as required

· Develop and manage comprehensive documentation, artifacts, procedures, and processes for the optimal management of the Splunk infrastructure.

QUALIFICATIONS

Required Certifications

· Must have a Splunk certification

Education, Background, and Years of Experience

· Bachelor's degree

ADDITIONAL SKILLS & QUALIFICATIONS

Required Skills

· Bachelor's degree

· 8+ years of experience working in a professional environment

· Experience deploying, maintaining, or integrating cybersecurity tools and applications, including Splunk, Cribl, and Elastic

· Ability to integrate cybersecurity engineering principles into infrastructure planning, design, and deployment

· Ability to meet schedule, performance, and quality within the systems development life cycle (SDLC)

· Ability to support control consistency, integrity monitoring, and health checks of data ETL pipelines and review platforms

Preferred Skills

· Experience with SIEM tools, endpoint security, or digital forensics

· Experience with system engineering, computer science, information systems, engineering science, or engineering management

· Knowledge of security architecture design and integration

WORKING CONDITIONS

Environmental Conditions

· Remote: Monday - Friday, core hours.

Strength Demands

· Sedentary – 10 lbs. maximum lifting, occasional lift/carry of small articles. Some occasional walking or standing may be required. Jobs are sedentary if walking and standing are required only occasionally, and all other sedentary criteria are met.

Physical Requirements

· Stand or Sit; Walk; Repetitive Motion; Use Hands / Fingers to Handle or Feel; See; Push or Pull

 

Agile Defense

Agile Defense is committed to adaptive innovation and supporting national missions through advanced technologies.
