
Splunk Administrator

Job ID: 2209950
Location: WASHINGTON, DC, United States
Date Posted: Aug 3, 2022
Category: Cyber
Subcategory: Cybersecurity Spec
Schedule: Full-time
Shift: Day Job
Travel: No
Minimum Clearance Required: None
Clearance Level Must Be Able to Obtain: Public Trust
Potential for Remote Work: Hybrid Remote

Job Description

Description

SAIC is seeking a Splunk Administrator to come support our PBGC customer in Washington, D.C.

 

Responsibilities include:

 

  • Administer Splunk Enterprise Security
  • Architect, design, support, and maintain Splunk infrastructure for high availability and disaster recovery configuration
  • Support and maintain complete logging infrastructure including, but not limited to, log storage, syslog and Windows Event Collector servers, and database connections
  • Troubleshoot Splunk server and forwarder issues
  • Tune search and indexer performance
  • Create and manage Splunk knowledge objects (field extractions, macros, event types, etc.) 
  • Onboard new data sources into Splunk, analyze the data for anomalies and trends, and build dashboards highlighting key trends
  • Perform data mining and analysis, utilizing various queries and reporting methods
  • Monitor and troubleshoot existing input (file monitoring, http, modular) 
  • Map customer data to the Splunk Common Information Model (CIM)
  • Implement KV stores, lookups, and data model acceleration to optimize search performance and reporting
  • Build and integrate contextual data into notable events
  • Interact with end users to gather requirements
  • Develop security use cases within Splunk Enterprise Security for SOC consumption
  • Mentor users and other groups on their use of Splunk
  • Technical writing/creation of formal documentation such as architecture diagrams, technical designs, and SOPs
  • Monitor the agent and server infrastructure for capacity planning and optimization
  • Monitor license consumption/make recommendations based on trends in license usage

Qualifications

Bachelor's degree in an Information Technology field plus five (5) years of related information security experience. Master's degree and three (3) or more years of experience.

 

  • Current Splunk Certified Administrator required; Splunk Architect highly preferred
  • Current Splunk User and Power User certification required  
  • Experience deploying applications within Splunk or administrating the Splunk platform
  • Experience with data normalization and data modeling within the Splunk environment
  • Knowledge of Splunk architecture and best practices
  • Expertise with Linux and command-line interface
  • Understand methods of collection, logging, Windows filtering, and tuning/baselining data
  • Intermediate level understanding of Solaris, Linux, and Windows operating systems and Oracle/MSSQL databases
  • Experience working with security technologies to include endpoint security tools, boundary protection technologies, network security tools, and vulnerability management technologies.
  • Experience with the development of documentation, architecture diagrams, and process and procedures for end users
  • Experience with Regular Expressions (regex)
  • Knowledge of advanced search and reporting commands
  • Knowledge of network technology and common Internet protocols
  • Understanding of system log files and other structured and non-structured data

 

#PBGC

 

 SECURITY CLEARANCE: All candidates for consideration must be eligible to obtain a US Public Trust Clearance. 

 


Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.

Overview

SAIC® is a premier Fortune 500® technology integrator driving our nation's technology transformation. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes secure high-end solutions in engineering, digital, artificial intelligence, and mission solutions. Using our expertise and understanding of existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions that are critical to achieving our customers' missions.

We are more than 26,500 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer, fostering a respectful work culture based on diversity, equity, and inclusion that values all contributors. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.1 billion. For more information, visit saic.com.
