Splunk Architect

Avint LLC
Chantilly, VA
Aug 21, 2019
Aug 23, 2019
IT, IT Architect
Full Time
The CDM Program is sponsored and led by the DHS/Cyber & Infrastructure Security Agency (CISA), and is designed to transform the .Gov cybersecurity posture through the design, integration, and operationalization of cyber capabilities. The CDM program provides participating Agencies with a holistic cybersecurity solution that is integrated with Splunk technologies.

As a CDM Splunk Architect, you will be recognized as a Splunk subject matter expert responsible for the planning, design and architecture of a multi-technology cyber solution. You will be responsible for developing the most effective architectures that span multiple Agencies, tools and products. You are also responsible for designing data feeds, data models and normalization strategies to build data confidence across big data sets. This role also provides feedback for continuous improvement based on architectural enhancements. Since Splunk is the integration point of the CDM Solution, this position will work very closely with the other elements of the solution (i.e., the tools and sensors, the orchestration engine and the dashboards) to ensure overall functionality.

What You'll Get to Do:
Architect, design, set up and configure Splunk search servers, deployment servers, clustered indexers, and forwarders, as required.
Design, configure and establish incoming index feeds from many disparate cyber security tools across the DHS Enterprise, to include Operating System and Application level logging.
Design, configure and build a complex operations dashboard to monitor the CDM Solution Environment, to include data integrity and quality checks.
Demonstrate innovative influence for projects.

You'll Bring These Qualifications:
US Citizenship required.
Must meet eligibility requirements for access to classified information and be clearable to a Department of Homeland Security (DHS) EOD clearance.
Active DoD clearance preferred.
BA/BS or equivalent years of experience and 10+ years of relevant experience.
Certification: Splunk Certified Architect.
Demonstrated experience designing and implementing Enterprise level Clustered Splunk environments consuming data from many different sources.
Demonstrated experience designing and building complex dashboards based on Splunk, to include complex logic, workflows and data transformation.
Demonstrated experience building and maintaining a complex data model to normalize incoming data sources.
Demonstrated knowledge of ITIL processes and experience leading a Cyber Operations Team using those processes.