Splunk Engineer

Arlington, VA
Jun 12, 2017
Oct 26, 2017
Full Time
The Splunk Engineer will focus on Splunk architecture, installation, administration, and development, with the goal of enhancing the Splunk infrastructure as it relates to application/machine data, troubleshooting, reporting, custom queries, dashboards, and security roles administration. In addition to log analytics, you will help administer a variety of other platforms within the Enterprise Management suite.

  • Architect, design, support, and maintain Splunk infrastructure for a highly available and disaster recovery configuration
  • Administer Splunk and Splunk App for Enterprise Security (ES) log management
  • Standardize Splunk agent deployment, configuration and maintenance across a variety of UNIX and Windows platforms
  • Troubleshoot Splunk server and agent problems and issues
  • Assist internal users of Splunk in designing and maintaining production-quality dashboards
  • Mentor users and other groups on their use of Splunk
  • Monitor the agent and server infrastructure for capacity planning and optimization
  • Design core systems performance and troubleshooting logs
  • Support Splunk on Unix, Linux and Windows-based platforms
  • Perform data mining and analysis, utilizing various queries and reporting methods
  • Solve complex integration challenges and debug complex configuration issues
  • Write and create formal documentation such as architecture diagrams, technical designs, and SOPs

Required Qualifications
Must have Active Secret Clearance
  • Splunk experience - minimum 2 to 5 years' experience architecting, configuring, deploying, and customizing the tool
  • Strong understanding of Splunk configuration files and architecture
  • Knowledge of advanced search and reporting commands
  • Demonstrated ability to create complex dashboards, forms, and visualizations
  • Bachelor's degree in Computer Science, Information Security or related technical field; or 10 - 12 years of relevant work experience
  • Understanding of System Log Files and other structured and non-structured data
  • Intermediate level understanding of Solaris, Linux and Windows operating systems
  • Security+ certification
  • Current Secret Clearance required; SSBI preferred
  • Effective verbal and written communication skills that include the ability to describe highly technical concepts in non-technical terms

Desired Qualifications
  • Splunk Architect or Splunk Administrator certification preferred
  • Knowledge of a scripting language and UNIX command line
  • Experience working in DISA and working with the DISA DECC environment
  • Strong knowledge of application monitoring and event management
  • Knowledge of the Common Information Model (CIM): understanding of the relationship between the CIM and knowledge objects, and the ability to create a lookup file, a lookup definition, field aliases, and calculated fields
  • In-depth understanding of Splunk license management preferred
