Job ID: 198454
Location: SPRINGFIELD, VA, United States
Date Posted: Oct 4, 2019
Category: Engineering and Sciences
Subcategory: Systems Engineer
Shift: Day Job
Minimum Clearance Required: Interim Secret
Clearance Level Must Be Able to Obtain: Top Secret
Potential for Teleworking: No
SAIC has an opening for a Splunk Systems Engineer located in Springfield, VA.
The Vanguard 2.2.1 contract currently has an opening for a Splunk Engineer to support the Department of State (DoS) Bureau of Information Resource Management (IRM) PKI enclave engineering and operation team. The team supports the DoS PKI program office which provides PKI based encryption and digital signature services to all users at the department’s global diplomatic missions.
This is a new functional role being added to the DoS PKI enclave Operations Management & Analytics team. The preferred candidate will be responsible for helping to deploy and manage a Splunk infrastructure, onboard new data sources, and assist with the creation and deployment of knowledge objects.
This role will change into a multi-disciplinary role that will interact directly with different functional IT and security teams outside of the program office to gather requirements, architect solutions and deliver value.
The engineer will lead an effort to build, implement and administer Splunk and Splunk Enterprise Security Suite in Windows and Linux environments, editing and maintaining Splunk configuration files and apps.
TYPICAL EDUCATION AND EXPERIENCE: Bachelors and fourteen (14) years or more experience; Additional experience in lieu of degree accepted
• Strong communication skills and the ability to convey complex issues to diverse audiences in an easily understandable and actionable way
• Proven ability to engage collaboratively with people in diverse teams
• Splunk administration experience
• Experience creating and managing Splunk knowledge objects (field extractions, macros, event types, etc)
• Experience with one or more Splunk applications (ITSI, Enterprise Security, Database Connect, Splunk app for Service Now)
• Advanced knowledge of Splunk search language and search best practices Education Requirements
• Perform data ingestion and visualization for Splunk and Splunk Enterprise Security Suite
• Build and integrate contextual data into notable events
• Recognizing and onboarding new data sources into Splunk, analyzing the data for anomalies and trends, and building dashboards highlighting the key trends of the data.
• Extensive experience in SQL query development leveraging HTML, XML, CSS, Bash, Java, and Python scripts.
• May be asked to help automating Splunk deployments and orchestration within a Cloud environment Basic
• Extensive experience implementing, architecting and administering Splunk and Splunk Enterprise Security Suite
• Scripting experience in HTML, XML, CSS, Bash, JAVA and Python scripts
• Experience administering Linux (Redhat) and Windows OS
• Experience administering VMware infrastructure
• Certified Splunk Administrator
• Certified Splunk Enterprise Security
SAIC is a premier technology integrator, solving our nation's most complex modernization and systems engineering challenges across the defense, space, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and simulation; and training. We are a team of 23,000 strong driven by mission, united purpose, and inspired by opportunity. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see Working at SAIC. EOE AA M/F/Vet/Disability