Today
Secret
North Charleston, SC (On-Site/Office)
Splunk is a powerful log aggregation and data analysis tool used widely by the Defense Health Agency (DHA) to monitor IT assets across the military health system. Core4ce is seeking a Splunk Administrator capable of configuring, troubleshooting, and sustaining an enterprise Splunk instance used by 5,000+ end users.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy), national origin, disability, veteran status, age, genetic information, or other legally protected status.
Responsibilities
- Demonstrated experience using Splunk Search Processing Language to assist customers in creating queries, setting alerts, identifying event conditions, and building dashboards. Develop reliable, efficient, and reusable queries that will drive custom alerts and dashboards.
- Assist users in accessing and identifying relevant audit logs, both for troubleshooting and cybersecurity compliance purposes.
- Assist customers in configuring dashboards to facilitate their own audit log analysis, and generally assist customers in developing Splunk solutions for their use cases.
- Data onboarding to high data quality standards and CIM compliance.
- Support large-scale deployment with data feeds from multiple locations worldwide.
- Monitor and maintain Splunk performance, availability, and capacity. Recommend configuration changes to improve the performance, stability or usability of the platform.
- Work independently, take initiative, and proactively troubleshoot and resolve platform issues.
- Act as the Splunk liaison for Splunk technical questions, issues or escalations. This will include working with Splunk Support, Product Management or others as needed.
Requirements
- High school graduation or GED. High-level education, such as a technical bachelor's degree, is highly valued but not required.
- At least 5 years of IT experience, with at least a year working directly with Splunk, either as a power user or as a system administrator.
- Experience with the Department of Defense or other federal agencies is preferred but not required.
- Hold an industry certification related to any of the following technologies: Windows OS, Red Hat Enterprise Linux, Microsoft Azure, Amazon Web Services, or VMware. Other industry certifications may also be applicable for this position and will be considered upon request.
- Experience with scripting languages such as Bash, Python, and PowerShell.
- Broad understanding of IT infrastructure, including network, system, application and compliance, and corresponding logs generated.
- Splunk Enterprise Certified Admin certification strongly preferred. If the successful candidate does not already hold this certification at the time of hire, he/she will be expected to obtain it within 6 months of starting.
- CompTIA Security+ or equivalent certification required, either at the time of hire or within 6 months of starting if not already held.
- Secret security clearance or the ability to obtain a clearance.