Splunk SME

SKYBRIDGE AVIATION
Reston, United States of America
9 days ago

Role details

Contract type: Permanent contract
Employment type: Full-time (> 32 hours)
Working hours: Regular working hours
Languages: English
Experience level: Senior

Job location

Reston, United States of America

Tech stack

Data analysis
Automation of Tests
Cloud Computing
Computer Networks
Python
Cloud Services
Shell Script
Security Information and Event Management
Data Processing
System Availability
Splunk

Job description

A Splunk Subject Matter Expert (SME) plays a critical role in the deployment, configuration, and maintenance of Splunk environments. This position requires an in-depth understanding of Splunk architecture, administration, and the ability to leverage Splunk for data analysis and monitoring. The SME will be responsible for designing, implementing, and optimizing Splunk solutions to meet the organization's needs.

  • Design, implement, and maintain Splunk infrastructures, ensuring optimal performance and scalability. This includes managing Splunk clusters, indexers, search heads, and forwarders.
  • Collaborate with various teams to identify data sources, and ensure data is ingested into Splunk accurately and efficiently. Create and manage data inputs, indexes, and source types.
  • Continuously monitor the health of the Splunk environment, identify and resolve performance issues, and ensure high availability.
  • Perform root cause analysis for any Splunk-related problems.
  • Ensure Splunk configurations and data handling comply with organizational policies and industry standards.
  • Implement security measures within Splunk, including role-based access controls.
  • Create and maintain comprehensive documentation for Splunk configurations, procedures, and best practices. Provide training and support to users and teams on Splunk functionalities.
  • Integrate Splunk with other tools and platforms, such as SIEM, ITSM, and Cloud services. Develop automation scripts to streamline Splunk operations and maintenance tasks.

Requirements

  • Must hold active TS/SCI security clearance. Active CI Polygraph is preferred.
  • Minimum of 10+ years of experience working with Splunk, including advanced knowledge of Splunk Enterprise, Splunk Cloud, and Splunk ITSI. Proven track record of successful Splunk deployments and management.
  • Proficiency in SPL (Search Processing Language), Python, and shell scripting. Familiarity with Linux/Unix environments and fundamental networking concepts.
  • Active Splunk Certified Architect certification is strongly preferred.
