Splunk Engineer

Gainesville, Georgia, United States Aretec Inc. Full time

Us

We are Aretec, Inc., a leading small business in the Federal Contracting space specializing in AI, machine learning, data analysis, cybersecurity, and business optimization. Our team is committed to delivering innovative solutions that drive the success of our clients in various industries. We foster a collaborative and dynamic work environment that encourages growth, creativity, and excellence among our highly skilled professionals. Aretec is an Equal Opportunity Employer, and we strongly believe in diversity, equity, and inclusion in our workforce.

You

You will play a crucial role in onboarding business-critical data, building custom TAs and apps, expanding indexer clusters, performing field extractions, troubleshooting customer problems, and contributing to projects revolving around support tools, configuring visual apps, creating custom apps, dashboarding, and creating alerts and reports.

We're looking for a Splunk Engineer with 8+ years of experience to join our team. In this remote position, you will be responsible for enhancing overall threat detection and response capabilities, shaping SOC metric dashboards, creating correlation rules, developing Splunk database connections, optimizing search processing, and reducing storage usage.

The ideal candidate should have extensive experience with Splunk, including architecting, administering, and developing Splunk infrastructure. Certifications such as Splunk Certified Admin, Power User, and User are highly desirable.

The Skills

  • 8+ years of experience as a Splunk Engineer
  • Expertise in onboarding business-critical data, building custom TAs and apps, and expanding indexer clusters
  • Proficiency in performing custom field extractions with advanced regular expressions
  • Experience in troubleshooting and resolving customer problems, interfacing with engineering on platform issues
  • Knowledge of creating and optimizing lookups (automatic/Kvstore) for querying and correlating data
  • Ability to create and optimize dashboards, alerts, and reports
  • Familiarity with data models such as Network Traffic, Web, Endpoint, Certificates, and Alerts
  • Experience with Splunk database connections to middleware applications like Logstash and Elasticsearch engines
  • Certifications: Splunk Certified Admin, Splunk Certified Power User, Splunk Certified User, Security+

The Expectations

30 Days

  • Familiarize yourself with the company's Splunk environment, data sources, and business requirements
  • Collaborate with the team to identify areas for improvement and contribute to the Splunk roadmap
  • Begin onboarding business-critical data and building custom TAs and apps

60 Days

  • Demonstrate proficiency in optimizing Splunk performance, including search processing and storage usage
  • Actively participate in requirements gathering for dashboard creation and log ingestion
  • Take ownership of complex tasks and deliver them within the agreed-upon timelines
  • Contribute to the improvement of Splunk-related processes and documentation

90 Days

  • Become a key contributor to the team, consistently delivering high-quality Splunk solutions
  • Proactively identify and address potential Splunk vulnerabilities and performance issues
  • Mentor junior Splunk engineers and share knowledge with the team
  • Actively participate in client meetings and provide technical expertise to ensure project success

Benefits

At Aretec, we value our employees and offer a comprehensive benefits package, including:

  • Health, dental, and vision insurance
  • 401(k) plan with employer match
  • Certification stipends
  • Professional development opportunities
  • Flexible work arrangements
  • Paid time off and holidays

Additional Considerations

As an Equal Opportunity Employer, Aretec displays the "EEO is the Law" poster, the "EEO is the Law" poster supplement, and the Pay Transparency Nondiscrimination Provision to inform applicants and employees of their rights. These posters are made available in all our workplaces and on our website.

Aretec is a proud graduate of the SBA 8(a) program and is now a thriving small business. We are committed to delivering exceptional results and fostering a diverse and inclusive workplace. We are an Equal Opportunity Employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.

Due to our work with federal agencies, some positions may require security clearances, drug screening, and adherence to background check requirements. Candidates may be subject to these screenings based on the specific role and client requirements.

This is a remote position with a federally regulated agency. As such, we require all candidates to be sole US Citizens. While Aretec is focused on Diversity, Equity, and Inclusion and we do our best to avoid asking these questions, we are required to do so due to federal requirements.

To apply, please submit your resume outlining your relevant experience and qualifications for the Splunk Engineer role. We are excited to review your application and welcome you to the Aretec team.
