Splunk Analyst

Company Overview

XPECT Solutions, LLC has built a strong reputation by supporting our clients in meeting their strategic goals and mission objectives. We provide high quality resources for a wide range of IT and security solutions at best-value pricing. Our success is built on a solid foundation of well-vetted, highly technical personnel, a disciplined project management approach, and an overarching commitment to customer service. We develop, test, deploy, and support exceptional solutions that enhance system functionality, while maximizing reliability and availability, and ensure the tightest security.

Job Overview
A successful candidate will have experience in defining security, utilization, and performance requirements for local and wide area networks. The Analyst must have proficiency in implementing solutions that align with the Government's security / monitoring systems and requirements. The Analyst shall be proficient in the SPLUNK platform, familiar with Ansible, Python, and PowerShell scripting, Internet Proxy Logs, RSA, Windows Active Directory, Windows Servers, Red Hat Enterprise Linux Servers, and capacity planning in Windows/ Linux environments.
The Splunk Analyst shall, under the guidance of the Network Operations IT Program Manager, be responsible for the daily operations and maintenance of the EOUSA/NOS Splunk deployment.

This position is hybrid. The candidate is required to report to site at least (1) day per week. Onsite requirements are subject to change at the customer's discretion therefore the candidate must be willing and able to report to site 100% of the workweek if/when required to do so.

Core Responsibilities

• Perform daily administrative tasks to manage Splunk datasets and storage utilization. This includes monitoring automated backup tasks, manually backing up data if necessary, monitoring storage utilization on Splunk servers in all environments as well as network attached storage.
• Maintain Splunk Knowledgebase by updating existing and creating new KB articles as identified by the team.
• Create and update Splunk resources including saved searches, visualizations, alerts, dashboards and any other ad hoc deliverables as needed.
• Interface with user community and provide first level of support to troubleshoot issues or assist with any other Splunk requirements.
• Coordinate with, accept tasking from, accept guidance from, and collaborate on priorities with Senior Splunk engineer / Task lead.
• Participate in periodic stand-up task meetings. Frequency may be daily or multiple times per week based on projects in process.
• Create Splunk reports and dashboards as identified as needed based on enterprise customer requirements or internal team needs.
• Assist in creating, updating, and documenting Ansible playbooks (scripts) used to automate tasks and workflows (groups of tasks) within the Splunk environments.
• Manage Splunk lookups by verifying that automated jobs are updating lookup tables properly as well making adhoc changes as necessary.
• Monitor, administer and maintain accessibility to Splunk components including search heads, indexers, deployers, cluster masters, forwarders and syslog servers for continuous production environment uptime
• Coordinating with various components within the organization to troubleshoot issues
• Manage and secure RHEL and Windows servers for Splunk platform including patches and access controls.
• Assist team with reviewing/assessing/implementing new data sources, ie: syslog, scripted input, db inputs
• Working with IT Managers to validate data and provide training on new dashboard enhancements
• Assist with maintaining existing PowerShell / Python / C# scripts and creating new scripts as needed
• Assist with integrating various data sets into Splunk and creating new dashboards to ensure the confidentiality, integrity, security and availability of the WAN
• Provide a weekly Progress/Exceptions Report to include a list of tasks assigned, completed, and pending.

Requirements

• Must have or meet the qualifications to receive a Top Secret Clearance
  • Able to start with an Interim Top Secret
• 2 years with Splunk
• Experience in defining security, utilization, and performance requirements for local and wide area networks
• Proficient in implementing solutions that align with the Government's security / monitoring systems and requirements
• Proficient in the SPLUNK platform, familiar with Ansible, Python, and PowerShell scripting, Internet Proxy Logs, RSA, Windows Active Directory, Windows Servers, Red Hat Enterprise Linux Servers, and capacity planning in Windows/ Linux environments

B e nefits
Xpect Solutions, LLC is a one-of-a-kind employer with a talented team that is cleared at various levels and is certified in dozens of industry-recognized certifications. Our talented staff are the key to our success. They bring the knowledge, experience and technical skills to deliver the best solutions to our customers.

We support our team by providing open communication, win-win partnerships with clients and vendors, a team-oriented culture, and a focus on professional development and growth for a long-lasting and happy career.

We offer a benefits package that is designed to keep our most important assets - our employees - healthy, happy, energized and moving forward. Our philosophy is simple - empower our employees with the benefits, resources and the financial incentives they need to be successful.

Benefits and Perks:

• A competitive Medical, Dental, and Vision plan
• Retirement Savings Plan
• Life Insurance
• AD&D Insurance
• Short Term and Long Term Disability Insurance
• 3 weeks of annual PTO
• 11 days of Holiday PTO
• Performance Awards
• Referral Bonus Plan (of up to $5,000/year)
• Education Reimbursement/Training (of up to $2,500/year)

#cj