Splunk Engineer
Arlington, VA 22202, USA
Critical Solutions
Critical Solutions specializes in providing expert cyber security services in the areas of automation, integration and research development.
Location: Arlington, VA
Full-time, Hybrid Remote
Clearance: Public Trust
JOB DESCRIPTION
Critical Solutions has an immediate need for a Splunk Engineer to support our federal customer in Arlington, VA.
The Splunk Engineer will install and maintain Splunk infrastructure, gather requirements from customers, onboard data, and assist end users with searches, dashboards, reports, and knowledge objects. The Splunk Engineer may be required to interact with senior management, as necessary.
PRIMARY ROLES AND RESPONSIBILITIES:
- Manage multiple assignments and changing priorities, and work independently with little oversight
- Build, implement, and administer Splunk in Windows and Linux environments
- Work with existing and custom Splunk applications and add-ons to fulfill customer needs
- Provide operations and maintenance support for a distributed Splunk environment consisting of heavy forwarders, indexers, and search head servers, spanning security, performance, and operational roles
- Edit and maintain Splunk configuration files and apps
- Onboard data to Splunk via forwarder, scripted inputs, TCP/UDP, and modular inputs from a variety of sources
- Provide operational support for Splunk Universal Forwarder on Linux and Windows endpoints
- Manage and support automation solutions for Splunk deployment and orchestration in on-premise and cloud environments
- Documentation, reporting, presentation, teamwork, and agency-wide collaboration are among the expected duties and mission of the task order
BASIC QUALIFICATIONS:
- Must be a US citizen, willing to undergo and able to obtain Public Trust, and able to successfully obtain an Entry of Duty (EOD) to support this program
- Bachelor's degree in Computer Science, Engineering, or a related field and a minimum of six (6) years of experience in system administration, database administration, network engineering, software engineering, or software development, with a concentration in Cybersecurity
- Splunk Cloud Experience
- Four (4) years of experience with Splunk in distributed deployments
- Current Splunk Enterprise Certified Admin certification
- Excellent written and oral skills, ability to work closely with multiple customers, manage expectations and track engagement scope
- Experience with Splunk Enterprise Security or integration with other Security Information and Event Management (SIEM) platforms
- Proficient at data on-boarding activities including routing, parsing, and normalizing events to the Splunk Common Information Model (CIM)
- Proficiency onboarding data using Splunk developed add-ons for Windows, Linux, and common third-party devices and applications
- Experience onboarding data into Splunk via forwarder, scripted inputs, TCP/UDP, and modular inputs from a variety of sources
- Proficiency managing Splunk using the Splunk command-line interface
- Proficiency managing Splunk using configuration files
- Experience collaborating with separate engineering teams to configure data sources for Splunk integration
- Proficiency implementing and onboarding data in Splunk DB Connect
- Experience performing Splunk systems administration, including installation, configuration, monitoring of system performance and availability, upgrades, and troubleshooting
- General networking and security troubleshooting (firewalls, routing, NAT, etc.)
- Splunk implementation and troubleshooting experience
- Experience in managing, maintaining, and administering a multi-site indexer cluster
- Proficiency developing log ingestion and aggregation strategies per Splunk best practices
- Perform integration activities to configure, connect, and pull data with 3rd party software APIs
- Proficient in regular expressions
- Ability to autonomously prioritize and successfully deliver across a portfolio of projects
CERTIFICATION REQUIREMENT:
Must possess an active Splunk Enterprise Certified Admin certification and at least one of the following:
CCIE Security
Cisco Certified Network Professional (CCNP)
CCNP Security
CCSP - Certified Cloud Security Professional
CEH - Certified Ethical Hacker
Certified Data Administrator Professional
Certified Implementation Engineer Specialist
Splunk Certified Architect
Certified Storage Associate
CISSP - Certified Information Systems Security
CompTIA Advanced Security Practitioner (CASP)
Converged Infrastructure Specialist
CSSLP - Certified Secure Software Lifecycle Professional
ECSP - EC-Council Certified Secure Programmer
GCIH - Incident Handler
GCWN - Windows Security Administrator
GICSP - Cyber Security Professional
GISF - Security Fundamentals
GISP - Security Professional
GSSP - Secure Software Programmer
MCSE - Microsoft Certified Solutions Expert (Server)
RHCA - Red Hat Certified Architect
RHCE - Red Hat Certified Engineer
SEI (Software Engineering Institute)
SSCP - Systems Security Certified Practitioner
VCA (Certified Associate)
VCAP (Certified Advanced Professional)
VCDX (Certified Design Expert)
VCIX (Implementation Expert)
VCP (Certified Professional)
MS 365 Certified: Security Administrator
Microsoft Certified Azure Security Engineer (Associate)
Splunk Enterprise Certified Architect
Splunk Enterprise Certified Administrator
Splunk Core Certified Consultant
Splunk SOAR Certified Automation Developer
Splunk Certified Developer
AWS Certified Solutions Architect - Associate
AWS Certified DevOps Engineer - Professional
Swimlane Certified SOAR Developer
PREFERRED QUALIFICATIONS:
- Splunk Cloud Experience
- Experience working in Azure
- Experience with GitLab or GitHub or other version control system
- Scripting and development skills (Bash, Python, and PowerShell)
LOCATION:
- Arlington, VA. This is a hybrid on-site role with an expectation of being on the client site a few days a week.
- Must be able and willing to commute to work location.
ADDITIONAL INFORMATION:
CLEARANCE REQUIREMENT: Must be able to obtain and maintain Public Trust. In addition, the selected candidate must undergo a background investigation (BI) and fingerprinting by the federal agency and successfully pass the preceding to qualify for the position. US CITIZENSHIP IS REQUIRED due to the nature of the government contracts we support.
CRITICAL SOLUTIONS PAY AND BENEFITS:
Salary range $-. The salary range for this position represents the typical salary range for this job level and does not guarantee a specific salary. Compensation is based upon multiple factors such as responsibilities of the job, education, experience, knowledge, skills, certifications, and other requirements.
BENEFIT SNAPSHOT: 100% premium coverage for Medical, Dental, Vision, and Life Insurance, Supplemental Insurance, 401K matching, Flexible Time Off (PTO/Holidays), Higher Education/Training Reimbursement, and more
Employment Type: Full-Time, Hybrid On-Site