SR Splunk Engineer

About The Position

Requirements

• Associates degree and 10+ years of experience in a Systems Engineering related field; OR bachelor’s degree in Computer Science, Computer Engineering, or related field and 8+ years of experience in a Systems Engineering related field; OR a master's degree in Computer Science, Computer Engineering, or related field and 6+ years of experience in a Systems Engineering related field.
• Additional Four (4) years of relevant experience will be considered in lieu of a bachelor’s degree
• This position requires the candidate possess a minimum of Top-Secret clearance with the ability to obtain TS/SCI. The candidate must maintain the clearance.
• 3+ years of hands-on experience as a Splunk Administrator or Engineer in a large, distributed enterprise environment.
• Advanced proficiency in writing and optimizing complex Search Processing Language (SPL) queries.
• Deep understanding of Splunk architecture, including clustering, data ingestion, pipelines, and best practices for scaling.
• Strong working knowledge of Linux/Unix and Windows operating systems for deployment and troubleshooting
• Strong working knowledge of Kubernetes platform for deployment and troubleshooting
• Experience with scripting languages ( e.g. Python or Shell) for automation tasks.
• Fundamental understanding of networking concepts (TCP/IP, firewalls) relevant to log collection and data transfer.
• Hold a current Splunk Core Certified Power User or Splunk Admin certification

Nice To Haves

• Excellent problem-solving and analytical skills.
• Strong communications skills (written and verbal) to translate technical concepts to non-technical stakeholders.
• Ability to work effectively independently and as part of a team.
• Certifications : Splunk Certified Architect or specialized Splunk certifications ( e.g. Splunk Enterprise Security Certified Admin).

Responsibilities

• Platform Management: Install, configure, and maintain all components of a distributed Splunk environment (Indexers, Search Heads, Forwarders, Deployment Servers, License Manager , etc. )
• Data Onboarding: Integrate new logs and data sources from various systems ( e.g. operating systems, network devices, applications, security tools) using universal and heavy forwarders, ensuring efficient ingestion and parsing.
• Search & Content Development: Develop and optimize complex Search Processing Language (SPL) queries, alerts, reports, and visualizations to meet the needs of security, application, and operations teams.
• Performance & Optimization: Tune the Splunk environment for optimal performance, ensuring data retention policies are met, and managing storage/indexing tiering ( e.g. hot/warm/cold, and smart store)
• Automation: Utilize scription ( e.g. Python, Shell) and confi gura tion management tools ( e.g. Ansible, Helm) to automate Splunk deployment, configuration, and data source onboarding processes
• Documentation & Training: Create and maintain detailed documentation for the Splunk architecture, processes, and content, and provide training to end-user and administrators

Benefits

• Peraton offers enhanced benefits to employees working on this critical National Security program, which include heavily subsidized employee benefits coverage for you and your dependents, 25 days of PTO accrued annually up to a generous PTO cap and eligible to participate in an attractive bonus plan