Junior Splunk Analyst

About The Position

Requirements

• 2 years of experience in SPLUNK administrator/engineering in a large complex enterprise environment.
• Proficiency in the SPLUNK platform.
• Familiarity with Ansible, Python, and PowerShell scripting.
• Familiarity with Internet Proxy Logs, RSA, Windows Active Directory, Windows Servers, Red Hat Enterprise Linux Servers.
• Experience with capacity planning in Windows/ Linux environments.
• Must be a US citizen with the ability to obtain a Top-Secret security clearance.

Nice To Haves

• SPLUNK Certifications

Responsibilities

• Perform daily administrative tasks to manage Splunk datasets and storage utilization, including monitoring automated backup tasks, manually backing up data if necessary, and monitoring storage utilization on Splunk servers and network attached storage.
• Maintain Splunk Knowledgebase by updating existing and creating new KB articles.
• Create and update Splunk resources including saved searches, visualizations, alerts, dashboards, and other ad hoc deliverables.
• Interface with the user community to provide first-level support for troubleshooting issues or assisting with Splunk requirements.
• Coordinate with, accept tasking from, accept guidance from, and collaborate on priorities with the Senior Splunk engineer / Task lead.
• Participate in periodic stand-up task meetings.
• Create Splunk reports and dashboards based on enterprise customer requirements or internal team needs.
• Assist in creating, updating, and documenting Ansible playbooks (scripts) used to automate tasks and workflows within the Splunk environments.
• Manage Splunk lookups by verifying automated job updates to lookup tables and making ad hoc changes as necessary.
• Monitor, administer, and maintain accessibility to Splunk components including search heads, indexers, deployers, cluster masters, forwarders, and syslog servers for continuous production environment uptime.
• Coordinate with various components within the organization to troubleshoot issues.
• Manage and secure RHEL and Windows servers for the Splunk platform, including patches and access controls.
• Assist the team with reviewing, assessing, and implementing new data sources (e.g., syslog, scripted input, db inputs).
• Work with IT Managers to validate data and provide training on new dashboard enhancements.
• Assist with maintaining existing PowerShell / Python / C# scripts and creating new scripts as needed.
• Assist with integrating various data sets into Splunk and creating new dashboards to ensure the confidentiality, integrity, security, and availability of the USAO WAN.
• Provide a weekly Progress/Exceptions Report including a list of tasks assigned, completed, and pending.

Benefits

• Competitive salaries
• Employee Assistance Program
• 401K
• Medical/Dental/Vision Insurance
• Life/Short-Term Disability/Critical Illness/Accident Insurance
• 15 PTO Days
• 11 Federal Holidays
• Up to $5K towards continuing education and/or professional development