Splunk Engineer
3 weeks ago
Pasco, United States
Computer World Services
Full time
Job Description
The Splunk Engineer will be responsible for the entire end to end deployment of the Splunk family of software to support OFR's log retention, aggregation and analysis requirements. It is required that the candidate be well versed in Splunk technology and implementation of best practices and have a working knowledge in the variety of architectural variations of the Splunk product. This includes Splunk scalability, capacity planning, distributed setup, Search Head Clustering, Index Clustering, and performance specifications. Experience with storage technologies, SQL Server, Hadoop, platform administration on Linux and Windows and experience with many of today's security tool sets (IPS/IDS, AV, Firewalls, Switches, etc.) is highly desirable. Experience with Splunk premium apps such as Enterprise Security is also desirable.
Key Tasks and Responsibilities
Perform installation, configuration management, capacity planning, license management, data integration, data transformation, field extraction, event parsing, data preview, and application management of Splunk platform
Design and customize complex search queries, and promote advanced searching, forensics and analytics, Develop dashboards, data models, reports and optimize their performance.
Develop, implement, and document configuration standards, policies, and procedures for operating, managing, and ensuring the security of the Splunk infrastructure.
Participate in incident, problem, and change management processes related to Splunk.
Work closely with Linux and Windows server administration teams to diagnose and resolve configuration issues.
Analyze logs for the all major applications and come up with most affected areas or reoccurring issues.
Education & Experience
A bachelor's degree in Computer Science or a related engineering field with training in information security
Strong written and verbal communication skills.
Hands on experience with Enterprise Applications
Hands on experience with Security Tools such as IDS/IPS, Anti-virus, Endpoint Management
Hands on experience with Virtualization Technology such as VMWare
Hands on experience with Storage Technology such as NetApp or Panassas
Scripting/Programming experience in Python, Perl, Powershell or Bash.
Active Directory
Firewalls and internet proxy devices
Security monitoring practices
Unix or Linux shell environments
Event flows (i.e. Syslog)
Security Information Event Management (SIEM)
Experience working in a large government or corporate enterprise environment.
Certifications
Splunk Architect Certification, Splunk Certified Administrator
CISSP, SANS GIAC, Security+, Network+, Linux+, MCSE, RHCE or CCNA-Security preferred
Security Clearance
Ability to obtain a Public Trust
EOE AA M/F/Vet/Disability
EEO is the Law:
Full-time Employee Benefits Include:
- 15 Days of Paid Time Off
- 10 Federal Holidays
- 401K Plan with Company Matching
- Health, Dental, and Vision Insurance Plans
- Life, Short Term, & Long Term Disability Insurance Programs
- Education Assistance - Tuition/Certification Reimbursement
- Commuter Assistance Program
by Jobble