Splunk Admin
Apply on
Company Name: - JTSi (Johnson Technology Systems, Inc.)
Role: Splunk Admin
Location: Remote / DC Metro candidates will be given priority, Hybrid work schedule
Project: Enterprise Security Team
Employment Requirements:
Job Description:
As a Splunk Administrator, you will be entrusted with the critical role of managing and optimizing our Splunk infrastructure. This role involves configuring, maintaining, and troubleshooting Splunk infrastructure, ensuring the reliability, availability, and performance of our data analytics platform. You will work closely with cross-functional teams to design and implement monitoring solutions that enhance the visibility and security of our IT environment.
Key Responsibilities:
- Install, configure, and maintain Splunk infrastructure, including forwarders, indexers, and search heads.
- Perform regular system upgrades and patching to maintain security and performance.
- Monitor system performance and troubleshoot issues to ensure optimal functionality of Splunk.
- Collaborate with IT and security teams to integrate Splunk with other systems and applications.
- Provide technical Splunk support and training to end-users and stakeholders.
- Develop and maintain documentation for system configurations, processes, and procedures.
- Implement and manage data ingestion processes, ensuring data integrity and availability.
- Develop and manage Splunk dashboards, reports, alerts, and visualizations.
Minimum Qualifications
- Bachelor's degree in computer science, Information Security, or related field or equivalent professional experience
- Splunk Enterprise Certified Administrator
- Effective communication and collaboration skills
- Problem-solving skills and the ability to think strategically about security
- Continuous learning mindset
- Experience with data onboarding, parsing, and indexing in Splunk
- Minimum 5 years of hands-on experience in Splunk Administration
- Minimum 3 years of hands-on experience with AWS
The below ideal core competencies and experience should align candidates for success in the Environments:
- Proficient in both Linux and Windows environments
- Hardware, software, and network-level troubleshooting skills
- Log management and parsing strategies
- Familiarity with networking concepts and protocols (e.g., TCP/IP, DNS, etc.)
- Exposure to infrastructure as Code (IaC) tools like Terraform and Ansible
Candidates with the following relevant certifications and experience will be given preferential consideration:
- Red Hat Enterprise Linux certifications, such as RHCSE or RHCSA
- Experience with Splunk Enterprise Security (ES)
- AWS Certified Solutions Architect or SysOps Administrator
- CISSP certification
- Infrastructure automation experience
- Prior DoD or FedRAMP experience
- Programming/scripting experience e.g.: Python, PowerShell, Bash, etc.
- Familiarity with security compliance frameworks and regulations such as NIST 800-171 or 800-53