Splunk Engineer - TS/SCI

Position Job Duties:

• Monitor the health, performance, and capacity utilization of Splunk infrastructure
• Implement best practices for Splunk deployment, configuration, and optimization
• Design and manage Splunk data models, indexes, and search heads
• Develop and maintain Splunk alerts, dashboards, and reports to meet client needs
• Troubleshoot and resolve issues related to Splunk configuration, data ingestion, and search performance
• Collaborate with client stakeholders and cross-functional teams to integrate Splunk with other systems and applications
• Provide training and support to client teams on Splunk usage and best practices

Position Qualifications:

• TS/SCI level clearance is required
• Requires a BS and 5+ years of experience OR Masters and 3+ years; 4 years additional experience may be considered instead of a BS degree
• Proven experience as a Splunk Administrator or similarly named Splunk-focused role
• Strong understanding of Splunk architecture, components, and deployment options
• Proficiency in Splunk Search Processing Language (SPL) for creating complex search queries and reports
• Experience with Splunk data ingestion methods, including forwarders, HTTP Event Collector (HEC), and scripted inputs
• Familiarity with Splunk Enterprise Security (ES), Qumolos, and Splunk SOAR is a plus
• Solid understanding of IT infrastructure, including networking, operating systems, and security principles

Certifications:

• 8140/8570 IAT Level III certification required
• Splunk Architect is desired
• Splunk Certified Administrator certification is desired