Design, deploy, and manage Splunk infrastructure
Develop and maintain Splunk dashboards, queries, and alerts
Integrate Splunk with various data sources to ensure comprehensive data ingestion
Monitor and troubleshoot Splunk performance issues
Collaborate with cross-functional teams to gather requirements and provide Splunk solutions
Implement and enforce best practices for Splunk data management and retention
Provide user training and support for Splunk-related activities

Requirements

2+ years of experience in managing and configuring Splunk
2+ years of experience configuring Cribl sources, destinations, routes and collectors
2+ years of experience authoring and maintaining props.conf, transforms.conf, inputs.conf, and outputs.conf
2+ years of experience in Linux and Windows administration
1+ years of experience with Cribl Redmap or JavaScript functions
1+ years of experience with regex for field extraction and event breaking
1+ years of experience with Splunk REST API for automation
Active TS/SCI clearance
Associate’s degree and 5+ years of experience supporting IT projects or Bachelor’s degree and 3+ years of experience supporting IT projects or Master’s degree and 1+ years of experience supporting IT projects or 10+ years of experience supporting IT projects in lieu of a degree
DoD 8570 IAT Level II certification, including Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND certification
Ability to obtain a DoD 8570 Cyber Security Service Provider - Infrastructure Support certification within 60 days of start date

Benefits

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

SplunkCriblLinux administrationWindows administrationprops.conftransforms.confinputs.confoutputs.confregexSplunk REST API

collaborationuser trainingtroubleshootingproblem-solving

TS/SCI clearanceDoD 8570 IAT Level IISecurity+ CECCNA-SecurityGSECSSCPCySA+GICSPCND certification