Splunk Data Engineer

Booz Allen Hamilton
Tampa, FL
1d
$99,000 - $225,000

About The Position

The Opportunity: Design, deploy, and manage Splunk infrastructure. Develop and maintain Splunk dashboards, queries, and alerts. Integrate Splunk with various data sources to ensure comprehensive data ingestion. Monitor and troubleshoot Splunk performance issues. Collaborate with cross-functional teams to gather requirements and provide Splunk solutions. Implement and enforce best practices for Splunk data management and retention. Provide user training and support for Splunk-related activities.

Requirements

  • 2+ years of experience managing and configuring Splunk, and in Splunk architecture, including indexers, search heads, forwarders, and deployment servers
  • 2+ years of experience configuring data sources, destinations, routes and collectors, and building pipelines to parse, normalize, enrich, mask, dedupe, and route data to Targets
  • 2+ years of experience authoring and maintaining props.conf, transforms.conf, inputs.conf, and outputs.conf, and packaging Apps or TAs
  • 2+ years of experience in Linux and Windows administration, including file paths, services, permissions, and log locations
  • 1+ years of experience with regex for field extraction and event breaking, and Splunk REST API for automation and operational tasks
  • Active TS/SCI clearance; willingness to take a polygraph exam
  • Associate’s degree and 5+ years of experience supporting IT projects and activities, OR Bachelor’s degree and 3+ years of experience supporting IT projects and activities, OR Master’s degree and 1+ years of experience supporting IT projects and activities, OR 10+ years of experience supporting IT projects and activities in lieu of a degree
  • DoD 8570 IAT Level II certification, including Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND certification
  • Ability to obtain a DoD 8570 Cyber Security Service Provider - Infrastructure Support certification, including CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND certification, within 60 days of start date

Nice To Haves

  • 2+ years of experience with networking fundamentals, including TCP/UDP, TLS, syslog transport, firewall ports, and common transport issues
  • 2+ years of experience in basic troubleshooting with tools such as tcpdump or Wireshark, basic vi/vim usage, setfacl, and SELinux
  • 1+ years of experience with DoD STIGs or other organizational hardening standards working in regulated environments
  • Experience in SPL for validation, troubleshooting and basic dashboards
  • Experience with scripting languages such as Python, Bash, or PowerShell
  • Experience with load balancer fundamentals
  • Knowledge of common log formats, including syslog, Windows Event, JSON, CSV, and XML
  • Knowledge of Git for code version control
  • Knowledge of Ansible playbooks
  • Possession of strong verbal and written communication skills

Responsibilities

  • Design, deploy, and manage Splunk infrastructure.
  • Develop and maintain Splunk dashboards, queries, and alerts.
  • Integrate Splunk with various data sources to ensure comprehensive data ingestion.
  • Monitor and troubleshoot Splunk performance issues.
  • Collaborate with cross-functional teams to gather requirements and provide Splunk solutions.
  • Implement and enforce best practices for Splunk data management and retention.
  • Provide user training and support for Splunk-related activities.

Benefits

  • health
  • life
  • disability
  • financial
  • retirement benefits
  • paid leave
  • professional development
  • tuition assistance
  • work-life programs
  • dependent care
  • recognition awards program