Splunk Administrator

Location:  US – Crystal City, VA

Employment Type:  Full-Time Regular

Clearance Required:  Secret

Shift:  First

Travel:  No

Relocation Provided:  No

Ennoble First Inc. is a fast-growing Certified Small Business focused in serving customers in the realm of Government, Healthcare, and Commercial Information Technology Services. 

Duties/Tasks and Responsibilities:

The Splunk Engineer will focus on Splunk architecture, installation, administration, and development, with a goal toward enhancing the Splunk infrastructure as it relates to application/machine data, troubleshooting, reporting, custom queries, dashboards, and security roles administration.  In addition to log analytics, you will help administrate a variety of other platforms within the Enterprise Management suite. 

  • Architect, design, support, and maintain Splunk infrastructure for a highly available and disaster recovery configuration
  • Administering Splunk and Splunk App for Enterprise Security (ES) log management
  • Standardize Splunk agent deployment, configuration and maintenance across a variety of UNIX and Windows platforms
  • Troubleshoot Splunk server and agent problems and issues
  • Assist internal users of Splunk in designing and maintaining production-quality dashboards
  • Mentor users and other groups on their use of Splunk
  • Monitor the agent and server infrastructure for capacity planning and optimization
  • Design core systems performance and troubleshooting logs
  • Support Splunk on Unix, Linux and Windows-based platforms
  • Perform data mining and analysis, utilizing various queries and reporting methods
  • Solve complex Integration challenges and debug complex configuration issues
  • Technical writing/creation of formal documentation such as architecture diagrams, technical designs, and SOPs

Required Qualifications:

  • Splunk experience - minimum 2 to 5 years' experience architecting, configuring, deploying, and customizing the tool
  • Strong understanding of Splunk configuration files and architecture
  • Knowledge of advanced search and reporting commands
  • Demonstrated ability to create complex dashboards, forms, and visualizations
  • Bachelor’s degree in Computer Science, Information Security or related technical field; or 10 - 12 years of relevant work experience
  • Understanding of System Log Files and other structured and non-structured data
  • Intermediate level understanding of Solaris, Linux and Windows operating systems
  • Security+ certification
  • Current Secret Clearance required; SSBI preferred
  • Effective verbal and written communication skills that include the ability to describe highly technical concepts in non-technical terms

 Desired Skills: 

  • Splunk Architect or Splunk Administrator certification preferred
  • Knowledge of a scripting language and UNIX command line
  • Experience working in DISA and working with the DISA DECC environment
  • Strong knowledge of application monitoring and event management
  • Knowledge in the Common Information Model (CIM), Understand the relationship between the CIM and knowledge objects, ability to create a lookup file and create a lookup definition & field aliases and calculated fields
  • In depth understanding of Splunk license management preferred

 

 

Equal Opportunity Employer - minorities / females / veterans / individuals with disabilities / sexual orientation / gender identity 

Equal Opportunity Employer, including disabled and veterans.
View Company Information

To see other positions, click here.