Splunk Administrator

Job ID: 205410
Location: WASHINGTON, DC, United States
Date Posted: Apr 17, 2020
Category: Cyber
Subcategory: Cyber Sec Analyst
Schedule: Full-time
Shift: Day Job
Travel: No
Minimum Clearance Required: None
Clearance Level Must Be Able to Obtain: Public Trust
Potential for Teleworking: No

Job Description

Description

SAIC is seeking a Splunk Administrator to come support our PBGC customer in Washington, D.C.

Responsibilities include:

Administer Splunk Enterprise Security
Architect, design, support, and maintain Splunk infrastructure for high availability and disaster recovery configuration
Support and maintain complete logging infrastructure including, but not limited to, log storage, syslog and Windows Event Collector servers, and database connections
Troubleshoot Splunk server and forwarder issues
Tune search and indexer performance
Create and manage Splunk knowledge objects (field extractions, macros, event types, etc.) 
On-board new data sources into Splunk, analyze the data for anomalies and trends, and build dashboards highlighting key trends
Perform data mining and analysis, utilizing various queries and reporting methods
Monitor and troubleshoot existing inputs (file monitoring, HTTP, modular)
Map customer data to the Splunk Common Information Model (CIM)
Implement KV stores, lookups, and data model acceleration to optimize search performance and reporting
Build and integrate contextual data into notable events
Interact with end users to gather requirements
Develop security use cases within Splunk Enterprise Security for SOC consumption
Mentor users and other groups on their use of Splunk
Technical writing/creation of formal documentation such as architecture diagrams, technical designs, and SOPs
Monitor the agent and server infrastructure for capacity planning and optimization
Monitor license consumption/make recommendations based on trends in license usage

Qualifications


EDUCATION & EXPERIENCE:

Bachelor's degree in an Information Technology field plus five (5) years of related information security experience; Master's and three (3) years or more experience; PhD and 0 years related experience.
 
Current Splunk Certified Administrator required; Splunk Architect highly preferred
Current Splunk User and Power User certification required  
Experience deploying applications within Splunk or administrating the Splunk platform
Experience with data normalization and data modeling within the Splunk environment
Knowledge of Splunk architecture and best practices
Expertise with Linux and command-line interface
Understand methods of collection, logging, windows filtering and tuning/base-lining data
Intermediate level understanding of Solaris, Linux, and Windows operating systems and Oracle/MSSQL databases
Experience working with security technologies to include endpoint security tools, boundary protection technologies, network security tools, and vulnerability management technologies.
Experience with the development of documentation, architecture diagrams, and process and procedures for end users
Experience with Regular Expressions (regex)
Knowledge of advanced search and reporting commands
Knowledge of network technology and common Internet protocols
Understanding of system log files and other structured and non-structured data

 SECURITY CLEARANCE: All candidates for consideration must be eligible to obtain a US Public Trust Clearance. 


Overview

SAIC is a premier technology integrator solving our nation's most complex modernization and readiness challenges. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes high-end solutions in engineering, IT, and mission solutions. Using our expertise in existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, Virginia, SAIC has pro forma annual revenues of nearly $7.1 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom. For SAIC benefits information, see Working at SAIC. EOE AA M/F/Vet/Disability
