Splunk Engineer

 Current DoD TS/SCI security clearance.All candidates must be US CITIZENS to be considered for the position.Job Description:We have an IMMEDIATE NEED a highly skilled Senior Splunk Administrator to join our team andtake charge of designing, implementing, and maintaining our Splunk environment as part of theDISA Defense Red Switch Network in support of an enterprise VoIP management system. The idealcandidate will possess a deep understanding of Splunk architecture and its various componentsincluding forwarders, indexers, and web interfaces. Moreover, proficiency in setting up Splunk on aRed Hat Enterprise Linux 8 (RHEL 8) system that is hardened is essential for this role. Additionally,the candidate should demonstrate expertise in integrating Splunk with RSA and effectivelyconfiguring it to work seamlessly with both RHEL 8 and Windows environments.Responsibilities:
 Design and Architecture: Design, implement, and maintain Splunk environments includingforwarders, indexers, search heads, and deployment servers.
 Installation and Configuration: Install, configure, and integrate Splunk and its components onRHEL 8 systems, ensuring optimal performance, scalability, and security.
 Security Hardening: Harden the Splunk environment on RHEL 8 systems to meet securitycompliance standards and best practices.
 Integration: Integrate Splunk with RSA for secure authentication and authorization across theenvironment.
 Monitoring and Maintenance: Monitor Splunk infrastructure health, performance, and capacity;perform routine maintenance tasks to ensure uninterrupted service.
 Troubleshooting: Troubleshoot issues related to Splunk infrastructure, including performancebottlenecks, data ingestion problems, and search optimization.
 Documentation: Create and maintain comprehensive documentation including architecturediagrams, installation guides, and troubleshooting procedures.
 Collaboration: Collaborate with cross-functional teams including security, network, and systemadministrators to ensure seamless integration of Splunk within the IT infrastructure.Core Qualifications: Bachelor’s degree in Computer Science, Engineering, or a related field and a minimum of 12+years of experience in system administration, database administration, network engineering,software engineering, or software development, with a concentration in Cybersecurity
 Eight (8) years of experience with Linux and Windows system administration or an advancedunderstanding of operating systems and common operating environments
 Five (5) years of experience administering Splunk in distributed deployments
 Excellent written and verbal communication skills, ability to work closely with multiple customers,manage expectations and track engagement scope
 Proficient at data on-boarding activities including routing, parsing, and normalizing events to theSplunk Common Information Model (CIM)
 Proficient onboarding data using Splunk add-ons for Windows, Linux, and common third-partydevices and applications
 Experience onboarding data into Splunk via forwarder, scripted inputs, and modular inputs froma variety of sources
 Experience with Splunk performing systems administration, including performing installation,configuration, monitoring system performance and availability, upgrades, and troubleshooting
 General knowledge of networking and security troubleshooting (firewalls, routing, NAT, etc.)
 Splunk implementation and troubleshooting experience
 Proficiency developing log ingestion and aggregation strategies per Splunk best practices
 Perform integration activities to configure, connect, and pull data with 3rd party software APIs
 Ability to autonomously prioritize and successfully deliver results
 Must have a Splunk Certified Architect certificationPreferred Qualifications:
 Experience configuring and maintaining the tool in a multi-tenant environment
 Experience troubleshooting RSA and Windows integration.
 Experience troubleshooting RSA integration with Linux through PAM
 Experience troubleshooting Cisco ISE AAA
 Experience in troubleshooting LDAPS
 Experience with application integration with Radiant One through LDAPS