- Perform installation, configuration management, capacity planning, license management, data integration, data transformation, field extraction, event parsing, data preview, and application management of the Splunk platform
- Design and customize complex search queries, and promote advanced searching, forensics and analytics. Develop dashboards, data models, and reports, and optimize their performance.
- Develop, implement, and document configuration standards, policies, and procedures for operating, managing, and ensuring the security of the Splunk infrastructure.
- Participate in incident, problem, and change management processes related to Splunk.
- Work closely with Linux and Windows server administration teams to diagnose and resolve configuration issues.
- Ability to create overarching strategies for design as it relates to monitoring the application, infrastructure, interfaces and critical business transactions to provide a comprehensive set of service level metrics and key performance indicators.
- Be responsible for designing and setting up the ingestion of various customer data flows, including pre-processing data into a usable format.
- Design and integrate Splunk with a wide variety of data sources and develop associated knowledge objects such as dashboards, reports, and alerts for Network Monitoring and Analytics.
- Assist in developing recommended improvements to engineering requirements and specifications.
- Provide overall engineering and design support for a distributed Splunk environment consisting of heavy forwarders, indexers, and search head servers, spanning security, performance, and operational roles.
- Familiar with recognizing and onboarding new data sources into Splunk, analyzing the data for anomalies and trends, and building dashboards highlighting the key trends of the data.
- Ability to support Windows and Linux environment, editing and maintaining Splunk configuration files and apps.
- Work with other Cybersecurity and Network Engineering team members and interact with customers to gather requirements, perform troubleshooting, and provide assistance.
- Minimum five (5) years of experience.
- Splunk Enterprise Certified Architect certificate and/or Splunk Enterprise Certified Admin certificate
- Must have experience designing and implementing medium to large Splunk instances
- Must have experience with implementing Splunk within cloud environments
- Must have experience writing Splunk Technical Add-ons
- Hands-on experience with Security Tools such as IDS/IPS, Anti-virus, Endpoint Management
- Full system engineering life-cycle, including requirements analysis, design, development, integration, test, documentation, and implementation following defined best practices and operational workflow
- Possess in-depth technical and theoretical knowledge of cyber defensive operations and technologies
- Event flows (i.e. Syslog)
- Security Information Event Management (SIEM)
- Hands-on experience with Virtualization Technology such as VMware
- Experience working in a large government or corporate enterprise environment.
- Must have experience with relational databases
- Minimum four (4)+ years of experience in a senior Splunk role
- Strong written and verbal communication skills.
- Must be able to obtain a DoD Secret clearance
Senior Splunk Engineer - Scott Air Force Base, United States - Platinum Technologies
Description
Platinum Technologies is seeking a Splunk Subject Matter Expert (SME) to support the development and implementation of cyber engineering strategies, tools, and techniques to enhance a system's cyber-resiliency against existing and emerging cyber-threats.
Who we are
Platinum Technologies is a Northern Virginia based integrated solutions firm that specializes in Cybersecurity, Cloud and Digital Services to the Public Sector. Our team provides high-end, quality resources to help our Mission Partners realize their goals. If you are self-motivated, possess demonstrated learning agility, and are passionate about delivering high-quality work products - we want to hear from you.
You.
Platinum Technologies is seeking a Splunk Subject Matter Expert for our fast-growing company.
This position will be located at Scott Air Force Base, IL. An active Secret Clearance is required for this role.
Responsibilities: