Splunk Engineer

3 weeks ago


Pasco, United States Computer World Services Full time

Job Description

The Splunk Engineer will be responsible for the entire end-to-end deployment of the Splunk family of software to support OFR's log retention, aggregation and analysis requirements. The candidate must be well versed in Splunk technology and the implementation of best practices, and have a working knowledge of the architectural variations of the Splunk product. This includes Splunk scalability, capacity planning, distributed setup, Search Head Clustering, Index Clustering, and performance specifications. Experience with storage technologies, SQL Server, Hadoop, platform administration on Linux and Windows, and many of today's security tool sets (IPS/IDS, AV, Firewalls, Switches, etc.) is highly desirable. Experience with Splunk premium apps such as Enterprise Security is also desirable.

Key Tasks and Responsibilities

Perform installation, configuration management, capacity planning, license management, data integration, data transformation, field extraction, event parsing, data preview, and application management of the Splunk platform.

Design and customize complex search queries, and promote advanced searching, forensics and analytics. Develop dashboards, data models, and reports, and optimize their performance.

Develop, implement, and document configuration standards, policies, and procedures for operating, managing, and ensuring the security of the Splunk infrastructure.

Participate in incident, problem, and change management processes related to Splunk.

Work closely with Linux and Windows server administration teams to diagnose and resolve configuration issues.

Analyze logs for all major applications and identify the most affected areas or recurring issues.

Education & Experience

A bachelor's degree in Computer Science or a related engineering field with training in information security

Strong written and verbal communication skills.

Hands-on experience with Enterprise Applications

Hands-on experience with Security Tools such as IDS/IPS, Anti-virus, Endpoint Management

Hands-on experience with Virtualization Technology such as VMware

Hands-on experience with Storage Technology such as NetApp or Panasas

Scripting/Programming experience in Python, Perl, PowerShell or Bash.

Active Directory

Firewalls and internet proxy devices

Security monitoring practices

Unix or Linux shell environments

Event flows (i.e. Syslog)

Security Information and Event Management (SIEM)

Experience working in a large government or corporate enterprise environment.

Certifications

Splunk Architect Certification, Splunk Certified Administrator

CISSP, SANS GIAC, Security+, Network+, Linux+, MCSE, RHCE or CCNA-Security preferred

Security Clearance

Ability to obtain a Public Trust

EOE AA M/F/Vet/Disability

Full-time Employee Benefits Include:

  • 15 Days of Paid Time Off
  • 10 Federal Holidays
  • 401K Plan with Company Matching
  • Health, Dental, and Vision Insurance Plans
  • Life, Short Term, & Long Term Disability Insurance Programs
  • Education Assistance - Tuition/Certification Reimbursement
  • Commuter Assistance Program

by Jobble