Splunk Engineer

  • Location: Mark Center, 4800 Mark Center Drive, Alexandria, VA 22311.
  • Work Schedule: 100% Onsite
  • Clearance: TS/SCI
  • Certification: Security+ CE

We are seeking a Splunk Engineer in support of the Compartmented Enterprise Services Office (CESO) NOC.

With the CESO program, we will manage the commercial cloud migration and disestablishment of legacy systems, fully automate the continuous development and continuous integration environment, carry out fourth estate consolidation, professionalize services with ITIL/DevSecOps-based processes, improve the customer experience (1st call resolution), and develop a service catalog for the Defense Working Capital Fund (DWCF) model.

This position is located in Arlington, VA and is 100% on-site.

Primary Responsibilities:

  • Design efficient and reusable reports and dashboards to integrate multiple mission applications’ health, performance and operational data systems into Splunk
  • Create front-end automated data visualization services using Splunk
  • Develop viewable Splunk dashboards to provide visibility into ingested log data
  • Develop alerts that trigger/activate on configured settings to deploy or send a note/email/attachments to a particular destination email or groups
  • Develop security rules (alerts) that trigger on anomalous activities or threat detections
  • Administer Splunk in Windows and Linux environments
  • Work with existing and custom Splunk applications and add-ons to fulfill customer needs
  • Provide operations and maintenance support for a distributed Splunk environment consisting of heavy forwarders, indexers, and search head servers, spanning security, performance, and operational roles
  • Edit and maintain Splunk configuration files and apps
  • Onboard data to Splunk via forwarder, scripted inputs, TCP/UDP, and modular inputs from a variety of sources
  • Provide operational support for Splunk Universal Forwarder on Linux and Windows endpoints
  • Manage and support automation solutions for Splunk deployment and orchestration in on-premise and cloud environments

Basic Qualifications:

  • Bachelor’s degree and 4+ years of prior relevant experience. Additional experience may be considered in lieu of degree.
  • Active Top Secret security clearance (with ability to hold TS/SCI) is required prior to start, with the ability to take and maintain CI/POLY.
  • DoD 8570 IAM II certification is required.
  • Splunk Enterprise Certified Architect, or equivalent certification or higher
  • Excellent written and oral communication skills and the ability to appropriately present highly technical material to both technical and non-technical audiences

Preferred Qualifications:

  • Experience configuring and maintaining the tool in a multi-tenant environment
  • Knowledge of programming languages such as Python, Java, JavaScript, C#
  • Experience with AWS Cloud tools and services.

For more information, please contact us or send an email to HR@rmantras.com