Splunk Engineer

About The Position

Requirements

• BA/BS degree and 10 years of experience. In lieu of a bachelor’s degree 9 years of experience if AA/AS, or 11 additional years of experience with HS diploma
• 8+ years of experience and demonstrated knowledge supporting IT Systems
• 4+ years of experience implementing and operating Splunk systems to include universal and heavy forwarders, search heads, deployment server, and indexes
• Proven experience in designing, implementing, and maintaining Splunk solutions including, but not limited to: Splunk Enterprise, Splunk IT Service Intelligence, Splunk Log Management
• Knowledge of Linux security best practices
• Knowledge of cybersecurity compliance including RMF and IA standards
• Excellent problem-solving and analytical skills
• Service-oriented mindset
• Strong communication and collaboration skills
• Bachelor's degree in Computer Science, Information Technology, or a related field
• Splunk Certifications: o Splunk Certified for Splunk IT Service Intelligence (ITSI) o Splunk Certified Administrator (SCA)
• Must remain on the client site during Program core hours of 0900-1500

Nice To Haves

• Current Security+ or DOD 8570 IAT Level II Certification
• AWS or Azure Certification
• ITIL v4 Certification
• Strong understanding of IT operations, security, and business intelligence.
• Good team player with a strong willingness to help others
• Experience scripting in the following preferred: o Python, Perl, and JavaScript in relation to Splunk Apps/Add-ons o SQL for querying structured data o Knowledge of XML and JSON for data handling o Splunk Search Processing Language (SPL) for data analysis in Splunk

Responsibilities

• Design core scripts to automate Splunk maintenance and alerting tasks
• Develop dashboards and reports to display business-critical information
• Develop and maintain dashboards, reports, and alerts to ensure efficient monitoring and management of IT systems
• Engage with Product Owners to align platform capabilities with evolving business needs
• Create scalable, flexible security architectures using standards-based integrations
• Assist in developing policies for the secure operation of Splunk infrastructure
• Support cloud-based deployment and sustainment (AWS and Azure)
• Conduct software integration testing and cybersecurity compliance tasks
• Automate processes and develop efficiencies alongside development and install teams
• Maintain infrastructure for integration, cyber compliance, and network administration
• Support both UNIX/Linux and Windows-based systems
• Collaborate with IT teams to identify, troubleshoot, and resolve IT issues using Splunk
• Document configurations, changes, and troubleshooting procedures
• Design, develop, and implement new features for Splunk products
• Provide training and support to IT staff on Splunk usage and best practices