Job ID: 200733
Location: SPRINGFIELD, VA, United States
Date Posted: Jan 29, 2020
Category: Engineering and Sciences
Subcategory: Systems Engineer
Shift: Day Job
Minimum Clearance Required: Interim Secret
Clearance Level Must Be Able to Obtain: Top Secret
Potential for Teleworking: No
SAIC has an opening for a Splunk Systems Engineer located in Springfield, VA.
The Vanguard 2.2.1 contract currently has an opening for a Splunk Engineer to support the Department of State (DoS) Bureau of Information Resource Management (IRM) PKI enclave engineering and operation team. The team supports the DoS PKI program office which provides PKI based encryption and digital signature services to all users at the department’s global diplomatic missions.
This is a new functional role being added to the DoS PKI enclave Operations Management & Analytics team. The preferred candidate will be responsible for helping to deploy and manage a Splunk infrastructure, onboard new data sources, and assist with the creation and deployment of knowledge objects.
This role will change into a multi-disciplinary role that will interact directly with different functional IT and security teams outside of the program office to gather requirements, architect solutions and deliver value.
The engineer will lead an effort to build, implement and administer Splunk and Splunk Enterprise Security Suite in Windows and Linux environments, editing and maintaining Splunk configuration files and apps.
TYPICAL EDUCATION AND EXPERIENCE: Bachelors and fourteen (14) years or more experience; Additional experience in lieu of degree accepted
• Strong communication skills and the ability to convey complex issues to diverse audiences in an easily understandable and actionable way
• Proven ability to engage collaboratively with people in diverse teams
• Splunk administration experience
• Experience creating and managing Splunk knowledge objects (field extractions, macros, event types, etc)
• Experience with one or more Splunk applications (ITSI, Enterprise Security, Database Connect, Splunk app for Service Now)
• Advanced knowledge of Splunk search language and search best practices Education Requirements
• Perform data ingestion and visualization for Splunk and Splunk Enterprise Security Suite
• Build and integrate contextual data into notable events
• Recognizing and onboarding new data sources into Splunk, analyzing the data for anomalies and trends, and building dashboards highlighting the key trends of the data.
• Extensive experience in SQL query development leveraging HTML, XML, CSS, Bash, Java, and Python scripts.
• May be asked to help automating Splunk deployments and orchestration within a Cloud environment Basic
• Extensive experience implementing, architecting and administering Splunk and Splunk Enterprise Security Suite
• Scripting experience in HTML, XML, CSS, Bash, JAVA and Python scripts
• Experience administering Linux (Redhat) and Windows OS
• Experience administering VMware infrastructure
• Certified Splunk Administrator
• Certified Splunk Enterprise Security
SAIC is a premier technology integrator solving our nation's most complex modernization and readiness challenges. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes high-end solutions in engineering, IT, and mission solutions. Using our expertise in existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions. We are 23,000 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, Virginia, SAIC has pro forma annual revenues of nearly $6.5 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom. For SAIC benefits information, see Working at SAIC. EOE AA M/F/Vet/Disability