Splunk Administrator

Job ID: 200102
Location: WASHINGTON, DC, United States
Date Posted: Feb 6, 2020
Category: Cyber
Subcategory: Cyber Sec Analyst
Schedule: Full-time
Shift: Day Job
Travel: No
Minimum Clearance Required: None
Clearance Level Must Be Able to Obtain: Public Trust
Potential for Teleworking: No

Job Description

Description

SAIC is seeking a Splunk Administrator to come support our PBGC customer in Washington, D.C.

Responsibilities include:

Administer Splunk Enterprise Security
Architect, design, support, and maintain Splunk infrastructure for high availability and disaster recovery configuration
Support and maintain complete logging infrastructure including, but not limited to, log storage, syslog and Windows Event Collector servers, and database connections
Troubleshoot Splunk server and forwarder issues
Tune search and indexer performance
Create and manage Splunk knowledge objects (field extractions, macros, event types, etc.) 
On-board new data sources into Splunk, analyze the data for anomalies and trends, and build dashboards highlighting key trends
Perform data mining and analysis, utilizing various queries and reporting methods
Monitor and troubleshoot existing inputs (file monitoring, HTTP, modular)
Map customer data to the Splunk Common Information Model (CIM)
Implement KV stores, lookups, and data model acceleration to optimize search performance and reporting
Build and integrate contextual data into notable events
Interact with end users to gather requirements
Develop security use cases within Splunk Enterprise Security for SOC consumption
Mentor users and other groups on their use of Splunk
Technical writing/creation of formal documentation such as architecture diagrams, technical designs, and SOPs
Monitor the agent and server infrastructure for capacity planning and optimization
Monitor license consumption/make recommendations based on trends in license usage

Qualifications


EDUCATION & EXPERIENCE:

Bachelor's degree in an Information Technology field plus five (5) years of related information security experience; Master's degree and three (3) years or more experience; or PhD and 0 years related experience.
 
Current Splunk Certified Administrator required; Splunk Architect highly preferred
Current Splunk User and Power User certification required  
Experience deploying applications within Splunk or administrating the Splunk platform
Experience with data normalization and data modeling within the Splunk environment
Knowledge of Splunk architecture and best practices
Expertise with Linux and command-line interface
Understand methods of collection, logging, Windows filtering and tuning/base-lining data
Intermediate level understanding of Solaris, Linux, and Windows operating systems and Oracle/MSSQL databases
Experience working with security technologies to include endpoint security tools, boundary protection technologies, network security tools, and vulnerability management technologies.
Experience with the development of documentation, architecture diagrams, and process and procedures for end users
Experience with Regular Expressions (regex)
Knowledge of advanced search and reporting commands
Knowledge of network technology and common Internet protocols
Understanding of system log files and other structured and non-structured data

#PBGC
 
 SECURITY CLEARANCE: All candidates for consideration must be eligible to obtain a US Public Trust Clearance. 

Overview

SAIC is a premier technology integrator solving our nation's most complex modernization and readiness challenges. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes high-end solutions in engineering, IT, and mission solutions. Using our expertise in existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions. We are 23,000 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, Virginia, SAIC has pro forma annual revenues of nearly $6.5 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom. For SAIC benefits information, see Working at SAIC. EOE AA M/F/Vet/Disability
