SENIOR SPLUNK ENGINEER

SENIOR SPLUNK ENGINEER

MILITARY FRIENDLY & PREFERRED - HOH SPONSOR

Zermount seeks a Senior Splunk Engineer who is accomplished at architecting the platform, recognizing and onboarding new data sources, deploying functionalities across an enterprise, developing content for disparate user communities, analyzing platform performance trends, administering infrastructure, and guiding clients into modern methods of leveraging Splunk for security use cases and beyond.

RESPONSIBILITIES:

• Architect, implement, configure, maintain, administer, upgrade, and troubleshoot Splunk Enterprise
• Onboard, ingest, parse, normalize, and troubleshoot new data sources
• Work with disparate machine data such as network traffic, application logs, databases, cloud sources, etc.
• Install, configure, upgrade, and troubleshoot Splunk Apps and Add-ons
• Administer and troubleshoot Splunk server infrastructure (RHEL)
• Monitor Splunk performance, connectivity, license usage, and overall health
• Support and extend the Splunk platform with apps, add-ons, and knowledge objects
• Develop searches, reports, and dashboards for internal and external users
• Work with stakeholders, leadership, SOC personnel, and other users to establish requirements and targets
• Translate business needs and goals into functional, architectural, and deliverable requirements
• Track work efforts via Request/Incident tickets and Kanban tasks
• Work with program/project leadership to accurately update high-level efforts

REQUIRED:

• 5 years of deploying, engineering, and administrating Splunk Enterprise
• Splunk Certified Administrator Certification
• Splunk Certified Architect Certification
• Experience with engineering and administrating multi-site-clustered Splunk
• Experience with configuring Splunk .conf files on a Linux terminal
• Experience configuring syslog-ng from scratch on RHEL SELinux
• Experience with Splunk DB Connect and custom SQL queries

CLEARANCE:

• Must be able to pass a Minimum Background Investigation

PREFERRED:

• Splunk Core Consultant Certification
• Linux Administration Certification
• Cribl Certification
• Experience with custom integrations written in Python, Bash, or PowerShell
• Experience with custom front-end development in JavaScript and React
• Experience with administering and engineering Cribl distributed deployments
• Experience using Cribl to consolidate data sources and trim unnecessary Splunk license usage