Public Trust
Mid Level Career (5+ yrs experience)
Unspecified
No Traveling
IT - Security
Washington, DC (Off-Site/Hybrid)
Summit Technologies Inc. is seeking a Splunk Administrator to support enterprise cybersecurity operations. This role is responsible for administering, maintaining, and optimizing Splunk platforms within a mission-critical federal environment. You will ensure reliable log ingestion, efficient search, reporting, and seamless support to Analysts and Engineers who rely on Splunk. This is an excellent opportunity for an IT professional with hands-on Splunk administration experience who thrives in federal environments. This Hybrid position requires working 3 days per week onsite in Washington, DC. Candidates must be eligible to obtain a Public Trust clearance.
Duties and Responsibilities
Administer and maintain Splunk Enterprise and Splunk ES, ensuring availability, performance, and stability.
Manage log ingestion pipelines, including syslog servers, Windows Event Collectors, and application connectors.
Onboard and normalize new data sources, validate data quality, and ensure mapping to the Common Information Model (CIM).
Create, maintain, and optimize Splunk knowledge objects (field extractions, lookups, macros, event types, tags, etc.).
Develop and tune dashboards, reports, and alerts to support incident response operations and compliance requirements.
Monitor Splunk license consumption and system capacity; make recommendations for scaling and optimization.
Troubleshoot Splunk forwarders, search head, and indexer issues to maintain operational continuity.
Implement KV stores, lookups, and data model acceleration to improve search and reporting performance.
Support security use case development in Splunk ES for security incident response analysts.
Assist end users with queries, dashboards, and reporting needs, providing mentorship in SPL and best practices.
Maintain documentation, including SOPs, technical designs, and architecture references.
Monitor Splunk infrastructure health and contribute to proactive capacity planning.
Participate in team meetings, planning sessions, and technical reviews.
Required Skills and Experience
3+ years of hands-on Splunk administration experience in enterprise environments.
Strong Linux command line experience; familiarity with Windows and Unix system administration.
Experience with Splunk ES, CIM, and advanced search/reporting commands.
Knowledge of log ingestion methods, normalization, and baselining techniques.
Experience with regular expressions (regex) for field extractions and data parsing.
Familiarity with security technologies such as endpoint protection, IDS/IPS, firewalls, and vulnerability management.
Strong troubleshooting skills across distributed IT infrastructures.
Excellent interpersonal and communication skills (verbal and written).
Required Certification
CompTIA Security+ or higher certification (e.g., CISSP, CISM).
Highly Desired Skills
Experience in a Security Operations Center (SOC) environment.
Experience with data modeling, use case development, and alert tuning.
Familiarity with NIST and federal cybersecurity frameworks (e.g., FISMA, OMB, FedRAMP).
Experience with other SIEM tools (e.g., ELK, Azure Sentinel).
Splunk Certified Administrator certification preferred.
Education
Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Engineering, or related discipline; OR 7+ years of relevant IT experience.
Clearance Requirement
Must be eligible for a Public Trust.
If you feel you are qualified and want to be considered for this position, please supply the following to psaerekm3qqs9tpwmghcup5fsw@crelate.net and put the job number ‘6863’ in the subject line:
Updated resume including MM/YYYY for each employer.
Best times/dates to interview (plus phone # you can best be contacted at).
Availability to start once given a formal offer.
Summit Technologies Inc. appreciates your interest. We will contact the best matching prospects and will consider you for future opportunities. We will not submit your resume without your prior knowledge and consent. We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity, national origin, disability or veteran status.