Description

Job Description:
The Splunk Admin/Engineer will support a large team of infrastructure, security and application staff during the migration of on-prem and cloud applications to the client's Azure Government enclave. The Splunk Admin/Engineer will configure, operate and maintain the Splunk environment across data sources and user needs in a multi-cloud environment. In addition, he/she will be responsible for data ingestion, search query writing, scripting, data visualization, Splunk architecture changes, and deployment. This role will also support the security assessment and authorization (ATO) team and provide input for security audits. He/She will work closely with the SOC and incident response teams to investigate incidents.
Required Skills:
5+ years' experience configuring, deploying, maintaining and optimizing Splunk:
Administer and manage the day-to-day operations of the Splunk Environment
Oversee Splunk indexers, search heads, forwarders to ensure optimal performance
Implement and manage federated queries, Splunk dashboards, alerts, and reports.
Integrate Splunk with various data sources and external platforms (including other SIEM tools) in a multi-cloud environment
Develop and maintain Splunk Knowledge objects, queries, and advanced data visualization
Perform Splunk upgrades, patching, and routine maintenance tasks
Troubleshoot and resolve issues related to Splunk installation, data inputs, and log parsing
Work closely with the SOC team to monitor and analyze logs, reports and alerts
Strong knowledge of Search Processing Language (SPL) to query and manipulate data
Experience in Operating System administration for the platforms Splunk runs on (RHEL, Linux, Windows)
Familiarity with Shell commands and scripting for automation
Design, implement, and maintain Splunk apps and add-ons.
Required Qualifications:
Bachelor's degree in a related field
U.S. Citizen
Ability to acquire a Public Trust Background investigation
Preferred Skills:
Splunk Enterprise Certified Administrator (SECA)
Familiarity with cloud platforms and integration with Splunk
Knowledge of other security tools
Experience with automation tools (e.g. Ansible, Puppet, or Chef)
Certified in industry recognized areas such as CISSP, CISA, or CISM
Excellent organization, collaboration, project management, and team leadership skills
Strong communication skills and experience creating and delivering compliance status and metrics briefings to senior leadership
Education

Any Graduate