Splunk Administrator
Apply on
Job Description
Splunk Administrator
Full Time Montgomery, AL
Secret clearance
**This position is contingent upon contract award**
Overview:
The AFINC III contract supporting the 26th Network Operations Squadron (26NOS) is searching for qualified candidates to serve as members of the Enterprise Network Applications Tools (ENAT) Team. These candidates will fill the position of Splunk Administrator(s), responsible for maintaining the Splunk installation used to support the 26NOS. The/These candidate(s) will be responsible for overseeing and supporting the maintenance and update of the Splunk install and the integration of the Splunk Install with other systems supporting the mission of the 26NOS.
Responsibilities:
- Serve as Splunk Administrator responsible for planning, managing, and implementing Splunk across multiple enterprise networks and implementations.
- Provide expertise as it relates to Splunk implementations. Recommend and support changes to Splunk deployments.
- Support Indexer Clustering, Search Head Clustering, and Forwarders.
- Monitor, troubleshoot, and analyze overall health of Splunk infrastructure to include daily indexing volume, search volume and performance, data source reporting, user activity reporting, and custom apps/dashboards/visualizations.
- Perform root cause analysis on any issues with recommendations. Implement tactical and strategic solutions to problems.
- Develop, manage, and maintain documents supporting Splunk architecture and operational processes.
- Data on-boarding techniques such as syslog, DB Connect (dbConnect), Universal Forwarder (UF), HTTP Event Collector (HEC), and custom scripting.
- Express a working knowledge of Linux to include use cases supporting patching, SSL toolset, capacity planning, routing protocols, and firewall rules.
- SPL/Dashboard experience in support of user analytics, systems performance, security, and environmental health.
- Knowledge of Splunk DataModels and their management to include implementation, tuning, and data normalization.
- Familiarity with Department Information Systems Agency (DISA) Security Technical Implementation Guidelines (STIGs) checklists applicable to each Non-classified or Secret Internet Protocol (IP) Router Network (NIPRNet, SIPRNet) network environment for all Splunk implementations.
- Implement/create report dashboard designs, automated custom email report notifications, report log data repositories for each environment that are specific to the following audiences: Leadership & Executives; Cybersecurity Staff; and System Administrators
Qualifications/Requirements:
- Splunk Administrator candidate should have a minimum of 3+ years of Splunk products experience.
- Splunk experience performing administration in a large-scale environment. Preferably overseeing daily, weekly, monthly functions and following best practices.
- Identify, analyze, define, & coordinate user, client, and stakeholder needs and translate them into technical requirements.
- Support day-to-day technical communication systems and incident tickets in support of operations.
- Be familiar with scripting tools such as Python, Bash, and SPL. Firm understanding of REGEX.
- Candidate should have experience in:
- System Integration and/or administration for Splunk users, searches/reports, dashboards, systems, or onboarding 3rd party log data.
- Windows OS, UNIX or Linux-based systems support with experience in mid-to-large data center environments and patch/update management.
- Demonstrated advanced diagnostics, analytical, troubleshooting skills.
- Experience with physical servers and those hosted within virtualized environments such as VMware vSphere's vCenter Server Appliance.
- Must be able to push/pull, lift, or carry up to 50 lbs.
- Must be willing to travel up to 5% (3 weeks) of the year, dependent on contract needs and requirements that may arise.
Education/Certification(s):
- Technical degree, Associates or, bachelor's degree in computer science/information systems, Science/Engineering/Math, or 2-4 years' relevant experience in Information Technology preferably within system or application administration is acceptable
There are three required certifications for this position, of which two are required to start on the contract and one that must be earned within 90 days of start.
- Requires one of the following DoD 8570.01-M Information Assurance Technical (IAT) Level II certification to begin on contract:
- CompTIA Security+ CE (Continuing Education)
- CompTIA Cybersecurity Analyst (CySA+) CE (Continuing Education)
- (ISC) Systems Security Certified Practitioner (SSCP)
- GIAC Global Industrial Cyber Security Professional (GICSP)
- GIAC Security Essentials Certification (GSEC)
- (ISC) Systems Security Certified Practitioner (SSCP)
- Requires one of the following Computing Environment/Operating System (CE/OS) to begin on contract (Linux/Unix preferred):
- Microsoft 365 Certified: Identity and Access Administrator Associate
- Microsoft 365 Certified: Endpoint Administrator Associate
- Microsoft 365 Certified: Azure Administrator Associate
- Linux Foundation Certified System Administrator (LFCS) (Preferred)
- LPIC-1 (Preferred)
- Linux+ (Preferred)
- Requires the following technical certifications within 45 days of starting on the contract:
- Splunk Enterprise Certified Admin
Clearance:
- Active DoD Secret required or ability to complete investigation process for interim with potential to upgrade to Top Secret clearance preferred.
About Semper Valens Solutions:
Semper Valens Solutions, Inc. (SVS) is a Service-Disabled Veteran Owned Small Business (SDVOSB) providing Cost Effective Software and Systems Engineering, Field Support, Training and Full Life cycle Support Management to the DOD and VA community.
At Semper Valens, our vision is to remain a creative, cutting edge and cost-effective solutions provider where our shared intellect, industry experience, and technology excellence, make a positive difference in our customer's success. Our solutions help bridge the gap between IT and business prioritizations to optimize budgets, risks, and operational processes.
We search for outstanding technical professionals, hiring at all levels of the experience spectrum; intermediate, journeyman and senior. Consider us for your career plan.
Semper Valens Solutions is an Equal Opportunity Employer
Semper Valens Solutions proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital/parental status, pregnancy/childbirth, or related conditions, physical or mental disability, genetic information, status as a Disabled Veteran, Recently Separated Veteran, Active-Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.
If you require a reasonable accommodation to apply for a position with Semper Valens Solutions through its online applicant system, please contact Semper Valens Solutions Human Resources Department at (830) 899-6870.
Semper Valens Solutions is an affirmative action/equal opportunity employer - minorities, females, disabled, and protected veterans are urged to apply. Applicants have rights under Federal Employment Laws.
All Jobs at Semper Valens Solutions: https://sempervalens.com/careers