Splunk Engineer

Employer
AboutWeb
Location
Arlington, VA
Posted
Jun 12, 2017
Closes
Oct 03, 2017
Function
Engineer
Industry
Engineering
Hours
Full Time
The Splunk Engineer will focus on Splunk architecture, installation, administration, and development, with the goal of enhancing the Splunk infrastructure as it relates to application/machine data, troubleshooting, reporting, custom queries, dashboards, and security roles administration. In addition to log analytics, you will help administer a variety of other platforms within the Enterprise Management suite.

Duties
  • Architect, design, support, and maintain Splunk infrastructure for a highly available and disaster recovery configuration
  • Administer Splunk and Splunk App for Enterprise Security (ES) log management
  • Standardize Splunk agent deployment, configuration and maintenance across a variety of UNIX and Windows platforms
  • Troubleshoot Splunk server and agent problems and issues
  • Assist internal users of Splunk in designing and maintaining production-quality dashboards
  • Mentor users and other groups on their use of Splunk
  • Monitor the agent and server infrastructure for capacity planning and optimization
  • Design core systems performance and troubleshooting logs
  • Support Splunk on Unix, Linux and Windows-based platforms
  • Perform data mining and analysis, utilizing various queries and reporting methods
  • Solve complex integration challenges and debug complex configuration issues
  • Write and create formal documentation such as architecture diagrams, technical designs, and SOPs

Required Qualifications
Must have Active Secret Clearance
  • Splunk experience - minimum 2 to 5 years' experience architecting, configuring, deploying, and customizing the tool
  • Strong understanding of Splunk configuration files and architecture
  • Knowledge of advanced search and reporting commands
  • Demonstrated ability to create complex dashboards, forms, and visualizations
  • Bachelor's degree in Computer Science, Information Security or related technical field; or 10 - 12 years of relevant work experience
  • Understanding of System Log Files and other structured and non-structured data
  • Intermediate level understanding of Solaris, Linux and Windows operating systems
  • Security+ certification
  • Current Secret Clearance required; SSBI preferred
  • Effective verbal and written communication skills that include the ability to describe highly technical concepts in non-technical terms

Desired Qualifications
  • Splunk Architect or Splunk Administrator certification preferred
  • Knowledge of a scripting language and UNIX command line
  • Experience working in DISA and working with the DISA DECC environment
  • Strong knowledge of application monitoring and event management
  • Knowledge of the Common Information Model (CIM); understanding of the relationship between the CIM and knowledge objects; ability to create a lookup file and to create a lookup definition, field aliases, and calculated fields
  • In depth understanding of Splunk license management preferred