Today
Secret
Mid Level Career (5+ yrs experience)
$80,000 - $93,500
IT - Networking
Charleston, SC (On-Site/Office)
Splunk Administrator
Location: Charleston, SC or New Orleans, LA
Clearance: Secret (minimum)
Labor Category: Information Systems Security Specialist III
Summary:
The Splunk Administrator will support the Cloud CITI Splunk Team under the Service Delivery IPT. The position is responsible for administration, maintenance, and enhancement of the Splunk platform, ensuring optimal performance and availability for mission-critical security and business operations. The role supports multi-environment (on-premise NIPR/SIPR and cloud) deployments and integrates with enterprise tools including ServiceNow, eMASS, Tenable ACAS, Trellix ESS, SolarWinds, and EvaluateSTIG. The candidate will collaborate closely with mission owners, ISSM, and internal teams to support ingestion, analysis, alerting, reporting, and incident response activities.
________________________________________
Duties and Responsibilities:
• Install, configure, and maintain Splunk Enterprise software, Apps, and Add-ons.
• Configure data inputs from servers, applications, and network devices.
• Manage indexes, parsing, and data normalization for multi-tenant environments.
• Troubleshoot configuration, indexing, and performance issues.
• Develop dashboards, reports, alerts, and saved searches using SPL.
• Support data collection for security incident response and forensics.
• Create and maintain system documentation and configuration tracking.
• Manage user roles, RBAC permissions, and STIG compliance.
• Integrate Splunk with enterprise tools such as ServiceNow, Tenable ACAS, Trellix ESS, EvaluateSTIG, and eMASS.
• Support Enterprise Security (ES) and IT Service Intelligence (ITSI) modules for performance and security enhancement.
________________________________________
Required Skills and Qualifications:
• Experience:
Seven (7) years of experience with a master’s degree or eleven (11) years with a bachelor’s degree in Electrical, Electronic, or Computer Engineering; Computer Science; or Information Systems.
• Certifications:
At least one (1) of the following:
o CompTIA Security+
o CompTIA Advanced Security Practitioner (CASP)
o Certified Information Systems Security Professional (CISSP)
• Technical Skills:
o Strong understanding of DoD STIG and auditing/monitoring controls.
o Advanced knowledge of Splunk architecture, configuration, and optimization.
o Proficiency in Splunk Processing Language (SPL).
o Experience with PowerShell, Bash, and Python for automation.
o Working knowledge of Windows, Linux, and networking principles.
o Familiarity with virtualization and Red Hat Enterprise Linux (RHEL).
________________________________________
Additional Considerations:
• Must be a self-starter with strong analytical and problem-solving skills.
• Demonstrated ability to collaborate across security, operations, and development teams.
• Commitment to continuous learning and professional growth in Splunk and cybersecurity disciplines.