Onsite Splunk Engineer (Cleared)

About The Position

Requirements

• Must have active TS/ SCI with Full Scope Polygraph security clearance.
• Minimum 2-4 years of hands-on experience with Splunk administration, implementation, and data analysis, preferably in a medium-to-large enterprise environment.
• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field is preferred.

Responsibilities

• Install, configure, and manage Splunk environments across on-premise and cloud infrastructures.
• Perform upgrades, patches, and maintenance to ensure optimal system performance and security.
• Monitor Splunk system health and troubleshoot issues related to performance, configuration, and connectivity.
• Work closely with application owners, network engineers, and other stakeholders to identify relevant data sources.
• Develop and maintain data onboarding processes, including parsing, indexing, and normalization of logs and metrics from diverse systems.
• Write and optimize regular expressions, data transforms, and event types to ensure accurate data ingestion.
• Create complex Splunk queries using Search Processing Language (SPL) to perform analysis and extract meaningful insights.
• Develop dashboards, reports, and alerts tailored to operational, security, and business requirements.