Splunk Administrator Level 3

CACI International, Suitland, MD
About The Position

CACI is seeking a skilled and experienced Splunk Administrator (Level 3) to join our dynamic team to support a DoD client in Suitland, MD. The ideal candidate will have extensive experience in Splunk administration, cybersecurity, and network technologies, along with a robust background in system and software development life cycles. This role requires someone who can operate effectively in a high-pressure environment, think creatively to solve complex cybersecurity issues, and communicate technical details to various stakeholders.

Requirements

  • BA/BS in Computer Science, Information Technology, Information Assurance, or a related area of study desired; Master’s preferred. Without a degree, 15+ years of relevant professional experience in those fields.
  • 10+ years of professional experience with LAN/WAN technologies, networking protocols, file systems, ports, services, and commands (Windows and Unix/Linux).
  • 8+ years of concentrated experience in the CND discipline.
  • 6+ years of professional experience in Splunk, Splunk Add-ons and Apps, and Splunk TA and Universal Forwarder.
  • Expert-level knowledge of Splunk and its Add-ons and applications (Enterprise, Enterprise Security (ES), Security Orchestration, Automation, and Response (SOAR), User Behavior Analytics (UEBA), IT Service Intelligence (ITSI)).
  • Significant experience in the System/Software Development Life Cycle (SDLC) Process.
  • Strong analytical, conceptual, and problem-solving skills.
  • Effective interpersonal, organizational, time management, writing/documentation, and briefing skills with strong attention to detail.
  • Ability to prioritize, execute, and complete tasks with little to no direction in a high-pressure environment.
  • Must possess one of the industry certifications listed under CSSP Infrastructure Support per the requirements of the DoD Cyber Security Workforce Improvement Program, DoD 8570.01-M, prior to reporting on board.
  • TS/SCI Clearance

Responsibilities

  • Splunk Administration: Installation, integration, configuration, administration, maintenance, and performance optimization of Splunk and its Add-ons and Apps.
  • Ensure compliance with Risk Management Framework (RMF) functions.
  • Create and manage REGEX parsing and .xml presentation of log data.
  • Develop and maintain SPL queries, dashboards, and reports.
  • Cybersecurity and Network Management: Utilize 10+ years of experience with LAN/WAN technologies, networking protocols, file systems, ports, services, and commands (Windows and Unix/Linux).
  • Apply 8+ years of concentrated experience in the Computer Network Defense (CND) discipline.
  • Implement encryption key creation, installation, and maintenance to secure communications channels.
  • Python and Database Management: Significant experience with Python scripting to automate Linux and Splunk tasks.
  • Utilize dbConnect, SQL, and database scraping for log data.
  • Cloud and OS Administration: Manage Amazon Web Services resources and RedHat Enterprise Linux.
  • Documentation and Compliance: Create "best practices," manuals, and standard operating procedures utilizing Federal, DoD, IC, and industry standards.
  • Ensure Splunk Common Information Model (CIM) compliance and perform automated/manual data mapping.
  • Write technical documents addressing complex, sensitive issues.
  • Interpersonal and Communication Skills: Effectively communicate with all levels of management, mission stakeholders, and customers.
  • Develop and present presentations, conveying complex technical issues in business terms.
  • Proven ability to think outside the box by providing innovative, creative solutions to complex cybersecurity issues.

Benefits

  • Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
  • We offer competitive compensation, benefits and learning and development opportunities.
  • Our broad and competitive mix of benefits options is designed to support and protect employees and their families.
  • At CACI, you will receive comprehensive benefits such as healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Number of Employees

5,001-10,000 employees