Sr. Splunk Administrator

The ideal candidate will have deep expertise in Splunk Enterprise, Splunk ES, and distributed architectures, with experience operating in classified (TS/SCI) environments and supporting RMF, continuous monitoring, and Zero Trust initiatives., * Demonstrated experience using Splunk Search Processing Language to assist customers in creating queries, setting alerts, identifying event conditions, and building dashboards. Develop reliable, efficient, and re-usable queries that will drive custom alerts and dashboards

• Assist users in accessing and identifying relevant audit logs, both for troubleshooting and cybersecurity compliance purposes.

• Assisting customers in configuring dashboards to facilitate their own audit log analysis, and generally assisting customers in developing Splunk solutions for their use cases.

• Data onboarding to high data quality standards and CIM compliance.

• Installing, configuring, and deploying Splunk infrastructure, to include search heads, indexers, forwarders, and other Splunk components in large deployment.

• Support large-scale deployment with data feeds from multiple locations worldwide

• Monitor and maintain Splunk performance, availability, and capacity. Recommend configuration changes to improve the performance, stability or usability of the platform.

• Work independently, take initiative, and proactively troubleshoot and resolve platform issues.

• Act as the Splunk liaison for Splunk technical questions, issues or escalations. This will include working with Splunk Support, Product Management or others as needed.

• This position is designed to be flexible, with responsibilities evolving to meet business needs and enable individual growth.

• Top Secret security clearance
• High school graduation or GED. High-level education, such as a technical bachelor's degree, is highly valued but not required.
• At least 8 years of IT experience, with at least a year working directly with Splunk, either as a power user or as a system administrator.
• Experience with the Department of Defense or other federal agencies is preferred but not required.
• Hold an industry certification related to any of the following technologies: Windows OS, Red Hat Enterprise Linux, Microsoft Azure, Amazon Web Services, or VMWare. Other industry certifications may also be applicable for this position and will be considered upon request.
• Experience with scripting languages such as bash, python and powershell.
• Broad understanding of IT infrastructure, including network, system, application and compliance, and corresponding logs generated.
• Splunk Enterprise Certified Admin certification strongly preferred. If the successful candidate does not already hold this certification at the time of hire, he/she will be expected to obtain it within 6 months of starting
• CompTIA Security+ or equivalent certification required, either at the time of hire or within 6 months of starting if not already held.

• 401(k) with 100% company match on the first 6% deferred, with immediate vesting
• Comprehensive medical, dental, and vision coverage-employee portion paid 100% by Core4ce
• Unlimited access to training and certifications, with no pre-set cap on eligible professional development
• Tuition assistance for job-related degrees and courses
• Paid parental leave, PTO that grows with tenure, and generous holiday schedules
• Got a big idea? At Core4ce, The Forge gives every employee the chance to propose bold innovations and help bring them to life with internal backing.

Join us to build a career that matters-supported by a company that invests in you.