Splunk Engineer

Job Title: Senior Splunk Engineer



Location: Washington D.C. - Hybrid



Eligibility: US Citizen with an active Secret Clearance



Job Description:



-Serve as a subject matter expert (SME) to use Splunk as part of a

department-wide effort to achieve orchestration across various Splunk

deployments (silos) into a more unified architecture and operational

security capability.



-Quickly learn and assimilate the complicated set of Splunk system

owners, capabilities, data types, indexes, data repositories, and

consumers across multiple organizational components.



-Analyze existing ingested data to respond to evolving business, IT, and

security functions.



-Serve as a Splunk technical engineer to implement requirements and

assist with devising a new, to-be architecture to satisfy

Department-level requirements.



-Use your in-depth knowledge of Splunk on-premises and cloud deployments

to assist with identifying the most eective and ecient way to deploy

Spunk capabilities (e.g., search heads, forwarders, indexers) to achieve

desired outcomes.



-Inventory and assess data sources and inputs and ensure this data is

prioritized and properly formatted for Splunk ingest and report

generation.



-Turn data into action with intelligent analytics and clear insights.

Define raw input requirements to support data models as well as final

outputs required to ensure Department personnel can assess the security

status of computing systems and produce readable, understandable summary

reporting.



-Utilize Splunk to develop data requirements, data catalog(s), data

descriptions, data sources, and data formatting to ensure that security

controls can be measured and managed across on-premises and cloud IT

services.



-Develop dashboarding or other automated data presentation designs.



-Interact with team members to integrate and migrate customers into a

centralized Enterprise Splunk instance. Requirements:



-Minimum fifteen (15) years of experience with the Splunk environment,

including Splunk's unique investigative approach to data analysis.



-Master's degree - such as Cybersecurity, IT Systems, Software

Engineering, Network Engineering, or a related field of study.



--The candidate must have the ability to obtain and maintain a public

trust suitability clearance



-Splunk Certifications, Splunk Enterprise Certified Administrator or

Splunk Enterprise Certified Architect



-Experience with on-premises and cloud (MSSP) Splunk system deployments

and the pros/cons of each approach.



-Experience in using Splunk for data collection, formatting,

presentation, and preservation.



-Strong experience in Splunk for ingest of data across a variety of

applications and users.



-Working in large enterprise environments leveraging clustering

technologies and multiple Splunk instances.



-Experience in the presentation of data requirements, solutions, and

outputs to system owners and executive leadership.



-Ability to capture high-level technical information in a clear, concise

manner.



-Strong communication skills to understand and communicate data scope,

breadth, and depth.



-Ability to think creatively and adapt creative thinking to what works

for the organization.



-Exceptional organizational and time-management skills.



-Experience working with and in Government projects desired.



-Ability to work remotely or onsite as required in the DC Metro area.