Sr Splunk Engineer- remote
Required Education: Bachelor's Degree in Information Technology or related field.
Required Experience: 8 years Splunk Engineering experience
Required Clearance: Public Trust or higher
This individual will provide Splunk Engineering support to partner with security tools and infrastructure management teams to administer and manage the department Splunk solution, facilitate data ingestion, analysis, correlation, and visualizations. The Splunk Engineer will enable our customer to fully deploy a Department Security Information and Event Management (SIEM) program utilizing Splunk Enterprise Security Tools.
- Design and implement a technical infrastructure based on functional requirements for new and existing Splunk instances
- Participate in requirements gathering, architecting, building and supporting operational teams throughout the agency
- Design and implement content management solutions to provide search, reporting, applications and visualizations
- Develop guidance on data analysis and reporting including the use of machine learning models and complex data analysis
- Maintain, upgrade, and operate Splunk systems while providing guidance and assistance across teams
- Integrate automation, application and systems monitoring.
- Provide extensive knowledge of Splunk and educate the customer's Splunk users on search, reporting, and visualization development.
- Assist with Date Enrichment to improve reporting, search and dashboard capabilities
- Flexibility to meet any threat scenario 24/7/365 as mission dictates.
- Must be a US Citizen with an active DoD Public Trust Clearance.
- Holds one or more Splunk certifications (Power User, Administrator, ES Developer, etc)
- Experience integrating and using Automation tools (Ansible, Terrafrom)
- Experience with Cloud based technologies (AWS, Azure)
- Experience with NOC technologies and metrics
- Desire to learn advanced SOC methodologies using Splunk ES