Skills/Qualifications: Excellent technical, organizational, and planning skills; excellent communication (written and verbal) and problem-solving skills; problem analysis, attention to detail and accuracy, solid judgment, and decision-making ability; takes initiative and is adaptable. Candidate will have a minimum of three years of specialization in the following qualifications/skills:
- Certified Splunk Developer/Administrator.
- Expert-level experience and knowledge of Splunk configuration and administration.
- Expert experience and knowledge of developing and troubleshooting Splunk searches, reports, alerts, visualizations, and dashboards.
- Expert-level experience configuring, setting up, and modifying the Splunk Enterprise app, DB Connect app, Compliance Essentials, and Splunk Add-ons.
- Expert-level experience analyzing log files from various types of information systems.
- Experience deploying and configuring Search servers, Splunk Deployment servers, Splunk clustered Indexers, and Splunk forwarders, and demonstrable knowledge of data collection methods such as Syslog, JDBC, or API.
- Expert experience onboarding new data sources into Splunk, analyzing the data for anomalies and trends, and building dashboards highlighting the key trends of the data.
- Expert experience and knowledge with the Linux and Windows environments to edit and maintain Splunk configuration files and apps.
- Expert experience communicating and interacting with the Government cybersecurity team members and end users to perform troubleshooting and provide assistance with the creation of Splunk search queries, alerts, reports, and dashboards to meet their STIG, continuous monitoring, logging, auditing, and reporting requirements as outlined in DoD policies and guidelines.
- Familiarity with Federal regulatory requirements.
- Experience in the following:
  - Linux and SQL/ODBC interfaces.
  - App interface development using REST APIs.
- Experience with project management.
- Knowledge of and experience with the software development life cycle process, including scrum and story maps for development tracking.
- Expert-level experience creating access controls for Splunk users by creating Active Directory groups, power, and user groups.
- Expert-level experience extracting complex fields from different log files using regular expressions and migrating Splunk config files to multiple servers.
- Expert-level experience setting up Splunk Objects such as Event types, Tags, Field Extraction, and Lookups.
Education and Experience: Bachelor's (4-year) degree with a technical major, such as engineering or computer science, is required. Experience with government and DoD environments is desired.
Certification:
This position requires:
- CompTIA Security+ CE certification. Substitutes for Baseline Certification: CCNA Security; CySA+; GICSP; GSEC; CND; SSCP
Additionally, candidates must have ONE of the following certifications:
- Splunk Enterprise Certified Admin
- Splunk Enterprise Certified Architect
- Splunk Cloud Certified Admin
- Splunk Enterprise Security Certified Admin
- Splunk Certified Developer
Work Location: This position can be REMOTE and requires minimal travel to client site.
Military Installation Access: Must be able to qualify for and obtain a base access pass. Must be able to obtain a favorable National Security Agency Check (NACI) including an FBI fingerprint check.
Clearance: Requires a Single Scope Background Investigation (SSBI), T5 or T5R equivalent investigation (Top Secret). Must be a U.S. Citizen.
Travel: Ability and willingness to travel one day a week to client site (Mechanicsburg, PA) is strongly desired.