Today
Top Secret
Unspecified
Polygraph
IT - Data Science
Chantilly, VA (On-Site/Office)
Job Summary:
The monitoring team uses Splunk to collect the detailed system audit and performance logs necessary for system accreditation, troubleshooting, and security reporting. The Sponsor is responsible for collecting these data and for working with system owners and users to get the most out of the data collection. The Sponsor needs proficiency in creating dashboards to assist stakeholders with troubleshooting, managing data feed status, and managing audit logs from applications. Work will include collecting information for reporting on hosted systems.
Job Responsibilities and Duties:
- Maintain clustered Splunk infrastructure, including search head and index cluster, deployment server, deployer, license manager, heavy and universal forwarders, Distributed Management Console (DMC).
- Onboard new data sources, monitor the health of existing data feeds.
- Deploy and manage Splunk apps, including writing custom apps where needed.
- Design and implement data flow and access across different networks and system interfaces, for example, between Splunk and AWS, or between Splunk and network devices.
- Perform routine maintenance tasks such as adding or deleting indexes, sizing volumes, adding data inputs, patching the OS, upgrading Splunk, and automation of routine tasks.
- Troubleshoot data flow interruptions, data quality issues, and performance issues.
- Collaborate with other functional teams such as network, storage, and security to provide Splunk service where needed across the entire customer network.
- Document architecture, how-to guides, and troubleshooting documents.
- Create dashboards to assist stakeholders with troubleshooting, managing data feed status, and managing audit logs from applications.
- Collect information for reporting on hosted systems.
Technical Experience:
- Demonstrated experience working with Splunk and Linux.
- Demonstrated experience understanding Splunk distributed architecture and data pipelines, with hands-on implementation.
- Demonstrated experience with Splunk client management and apps management.
- Demonstrated experience with integrating Splunk with various data sources such as syslog, flat files, databases, APIs, cloud platform logs, and HEC endpoints.
- Demonstrated experience with Splunk SPL to create searches, reports, alerts, and dashboards.
- Demonstrated experience with Splunk conf files to manage inputs, props, transforms, and similar.
- Demonstrated fluency with Linux OS (RHEL or Rocky 8) and the Command Line Interface (CLI).
- Demonstrated experience with scripting languages such as Bash and Python.
- Demonstrated experience with PowerShell for task automation.
- Demonstrated experience with custom apps development.
- Demonstrated experience with regular expressions.
- Demonstrated experience with AWS SDK and CLI to programmatically interface with AWS.
Clearance:
- Active DOD Top Secret SCI with Poly
- Must be a US Citizen.
group id: 10290999