Job Board | Catapult Solutions Group




Splunk Engineer
Virginia
Virginia All
Data Analyst
JN -032020-114554

 

Overview:

• Work to integrate sensor tools with Splunk via vendor-supported Add-Ons and Modules or custom API connections

• Data normalization and ETL within Splunk

• Work with design and operations teams to facilitate log ingestion and analysis

• Participate in requirements gathering, prototyping, architecture, and triaging of operational issues

• Maintains, upgrades, advises and cross-trains team members on the operation of the Splunk platform

• Worked in or developed Splunk database connections to a middleware application such as Logstash, Elasticsearch engines

• Provide Splunk product expertise, assisting and advising management on issues related to the platform

• Provides strategic support for Splunk installation, integration, deployment, configuration and maintenance

• Responsible for design and implementation of Splunk infrastructure, deployment, configuration and maintenance

• Monitor Splunk internal logs to identify and resolve potential vulnerability and performance issues

• Create customized dashboard panels for specific urgent requests from internal teams and external customers

• Design, engineer, configure and administer Splunk content

• Responsible for proper operation and performance of Splunk, loggers, connectors and forwarders

• Responsible for integration of logs and data feeds into Splunk through various methodologies, e.g. via syslog connectors, utilizing DBConnect to pull data from on-site databases

• Responsible for developing filters to assist in the identification of significant events

• Responsible for maintenance of related Standard Operating Procedures (SOPs) and design documents

• Responsible for writing and developing custom scripts, reports and programs as needed

• Identify and establish metrics between and among the Dashboard and integration layers of the CDM solution to support CDM goals and objectives, as well as DHS-mandated performance requirements

 

Requirements:

• Bachelor's degree with 3-5 years’ experience in IT or information security

• Strong troubleshooting skills, experience setting up alerts and thresholds for incoming data.

• Experience with data ingestion and normalization within Splunk Enterprise

• Splunk Enterprise Certified Architect certification preferred

• Knowledge of cloud computing platforms

• Experience performing root cause analysis on internal and external data and processes

• Experience working within a virtualized server and application environment, such as VMware, Hyper-V, Citrix, AWS, or similar

• Experience with object-oriented programming languages such as Java, Python and scripting experience with PowerShell and/or bash

• Experience with Windows and Unix/Linux operating systems

• Strong understanding and history of applying AGILE methodologies to teams and work streams

• Active certification consistent with the DoD Approved 8570 Baseline Certifications for Information Assurance Technical (IAT) role and level of experience, or will attain this within 90 days of date of hire

 

Preferred Skills:

• Completed RPA Training in one or more industry-leading solutions

• Eight (8) years of additional, relevant technical experience in IT or a related field may be substituted for education qualifications

• Experience in risk/vulnerability management, incident response, and Security Assessment and Authorization (SA&A)

• Experience in commercial cloud and government cloud environments (Amazon, Azure, Google, etc.)

• Additional preferred intermediate IT credentials such as MCSE, MCSD, RHCE, LFCE, ITIL Practitioner

• DevOps and CI/CD experience

• Knowledge of emerging cybersecurity technologies

• Familiarity with DHS Cybersecurity programs such as Continuous Diagnostics and Mitigation (CDM)


