
Splunk Administrator

Job ID: 2014721
Location: WASHINGTON, DC, United States
Date Posted: Sep 11, 2020
Category: Cyber
Subcategory: Cyber Sec Analyst
Schedule: Full-time
Shift: Day Job
Travel: No
Minimum Clearance Required: None
Clearance Level Must Be Able to Obtain: Public Trust
Potential for Remote Work: No


Job Description

Description

SAIC is seeking a Splunk Administrator to support our PBGC customer in Washington, D.C. This position is a member of a team that supports the Pension Benefit Guaranty Corporation (PBGC), an independent agency of the United States government. The team operates within the agency’s Information Technology Infrastructure Operations Department (ITIOD). The role is part of the Security Operations team in support of the PBGC ITIOD. The successful candidate will perform Splunk platform administration and related tasks, reporting to the Security Operations Manager.

 
  • Architect, design, support, and maintain Splunk infrastructure for a highly available and disaster recovery configuration.
  • Support and maintain the complete logging infrastructure including, but not limited to, log storage, syslog and Windows Event Collector servers, and database connections.
  • Administer Splunk Enterprise Security.
  • Troubleshoot Splunk platform and application issues, escalating and working with Splunk support to resolve them.
  • Create and manage Splunk knowledge objects (field extractions, macros, event types, etc.).
  • Onboard new data sources into Splunk, analyze the data for anomalies and trends, and build dashboards highlighting key trends.
  • Perform data mining and analysis, utilizing various queries and reporting methods.
  • Implement KV stores, lookups, and data model acceleration to optimize search performance and reporting.
  • Build and integrate contextual data into notable events.
  • Interact with end users to gather requirements.
  • Perform routine health checks, maintenance tasks, updates, and upgrades, and implement new capabilities.
  • Monitor the agent and server infrastructure for capacity planning and optimization.
  • Develop security use cases within Splunk Enterprise Security for SOC consumption.
  • Mentor users and other groups on their use of Splunk.
  • Develop, execute, and improve work instructions, architecture diagrams, and other technical documentation related to Splunk updates, upgrades, and health checks.
  • Monitor license consumption and make recommendations based on trends in license usage.
  • Effectively and accurately document work in various formats including work instructions, change management requests, incident tickets, and email. 
  • Improve efficiency through process improvement and automation.
  • The individual must have hands-on technical knowledge of some of the following: SIEM, networking, Linux administration, Windows administration, scripting, and automation.
  • The individual must be able to communicate effectively, verbally and in writing, with a minimum of supervision. Must be able to use Word, PowerPoint, and SharePoint effectively.
 
#PBGC 
 

This position is temporarily remote due to Covid-19.


Qualifications

EXPERIENCE & EDUCATION:

  • Expertise with Linux and command-line interface.
  • Intermediate level understanding of Solaris, Linux, and Windows operating systems and Oracle/MSSQL databases.
  • Experience deploying apps within Splunk and administrating the Splunk platform.
  • Experience with data normalization and data modeling within the Splunk environment.
  • Experience in creating and managing Splunk DB Connect identities, database connections, database inputs, outputs, lookups, and access controls.
  • Experience with the development of documentation, architecture diagrams, and process and procedures for end users.
  • Experience with Regular Expressions (regex).
  • Knowledge of Splunk architecture and best practices.
  • Knowledge of advanced search and reporting commands.
  • Knowledge of network technology and common internet protocols.
  • Understanding of system log files and other structured and non-structured data.
  • Understanding of methods of collection, logging, Windows filtering, and tuning / baselining data.
  • Bachelor's degree plus seven (7) years of related information security experience; otherwise, ten (10) years of IT work experience.
  • Five (5) years of experience in administering Splunk.
  • Three (3) years of experience in administering operating systems (Windows and Linux).
  • Two (2) years of experience in scripting and automation.
  • Three (3) years of experience developing, executing, and improving work instructions and other technical documentation related to Splunk Administration.
  • Current Splunk User and Power User certification required.
  • Current Splunk Certified Administrator required; Splunk Architect highly preferred.

SECURITY CLEARANCE: All candidates for consideration must be eligible to obtain a US Public Trust Clearance.




Overview

SAIC is a premier technology integrator solving our nation's most complex modernization and readiness challenges. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes high-end solutions in engineering, IT, and mission solutions. Using our expertise in existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, Virginia, SAIC has pro forma annual revenues of nearly $7.1 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom. For SAIC benefits information, see Working at SAIC. EOE AA M/F/Vet/Disability
