Splunk Administrator

About The Position

Requirements

• 4+ years of experience administering and managing Splunk Enterprise environments on Linux-based systems
• Experience configuring and managing Splunk distributed infrastructures, including indexers, search heads, and forwarders
• Knowledge of Linux system administration, including performance tuning and troubleshooting, such as Red Hat or CentOS
• Knowledge of scripting for automation and system management, including Bash and Python
• Knowledge of Splunk Search Processing Language (SPL) for data analysis and query optimization
• Ability to monitor, troubleshoot, and optimize Splunk performance in Linux environments
• Apply security best practices to Splunk and Linux systems
• Work collaboratively and communicate complex technical issues effectively
• Secret clearance
• HS diploma or GED
• Splunk certification, such as Splunk Certified Admin, or Splunk Certified Power User certification
• Linux certification, such as RHCSA or LPIC-2 certification
• Ability to obtain IAT Level II certification before start date

Nice To Haves

• Experience with advanced cybersecurity concepts or enterprise‑level security architecture
• Experience researching, evaluating, or adopting emerging technologies to enhance system security or operational capabilities
• Knowledge of advanced security frameworks or methodologies, such as Zero Trust, RMF, or NIST 800‑53
• Ability to solve complex technical problems through analytical thinking and structured troubleshooting
• Ability to apply industry best practices to improve system reliability, efficiency, or automation

Responsibilities

• Administer, configure, and maintain Splunk Enterprise on Linux-based systems
• Install and configure Splunk forwarders, indexers, and search heads
• Design, implement, and manage Splunk infrastructure on Linux servers
• Troubleshoot and optimize Splunk performance on Linux environments, ensuring smooth and efficient operations
• Configure and manage Splunk apps, add-ons, and integrations with third-party data sources
• Monitor Splunk health, conduct regular backups, and implement disaster recovery procedures
• Collaborate with security and operations teams to define logging and monitoring strategies
• Ensure Splunk infrastructure is secure by implementing access controls, encryption, and security best practices
• Perform regular updates, patches, and upgrades for Splunk and Linux systems
• Develop and maintain automation scripts for monitoring, backups, and system configurations
• Provide support for incident response, reporting, and debugging within Splunk environments
• Other Information Assurance duties as assigned
• Develop relationships quickly and easily with other teams, communicating the complexities of security with a wide variety of audiences, including senior management.

Benefits

• health
• life
• disability
• financial
• retirement benefits
• paid leave
• professional development
• tuition assistance
• work-life programs
• dependent care