Splunk Architect

Role: Senior Splunk Architect

Location: Washington, DC

The Splunk Certified Architect is responsible for the Splunk architecture support for data platform and associated systems. The Splunk Architect recommends design improvements for a multisite, multi-clustered, high available environment.

The Splunk Architect integrates the federal Department of Homeland Security's (DHS) Continuous Diagnostic and Mitigation (CDM) tools and capabilities throughout the agency.

This includes the design and development of reports, dashboards, "glass tables" and optimization tools.

Manages Splunk Network Administrators and System Engineers to meet program goals. Performs ad hoc "should-to-shoulder" training with Splunk team members.

Works closely with security team members to build an automated, integrated security culture and set of capabilities.

Works with Project Team Leads and Project Managers to produce high quality products.

Responsibilities

• Developing saved searched use cases for SOC using multiple regulatory frameworks
• Designing dashboards, alerts, and reports for each required use case
• Developing SPL to discover SWAM, HWAM and VULN assets identification
• Developing automated controls
• Supporting Splunk deployment, configuration, administration, and architecture
• Providing Cybersecurity and Threat Analyst services to support active cybersecurity incidents and events from the new Logging and Event Management
• Supporting analysis and logging of Firewall event
• Configure firewall devices, rule sets, implement new and replacement firewall devices as well as provide 24 hours a day, 7 days a week and 365 days a year support for firewall maintenance and operations
• Initiate, maintain, and support all current and future transfers of log data such as Firewalls, IDS, IPS, DNS, DHCP, Web Proxy, Anti-Virus, and SMTP (IronPort as needed)
• Evaluate communication security, data vulnerability, business continuity and compliance risks along with vulnerabilities/weaknesses in systems
• Examine employee compliance with security controls and deficiencies, security policy, processes, and procedures for completeness, and ensure that controls are adequate to protect sensitive information systems
• Producing documentation for the Splunk architecture, including network port connectivity, and design choices of the associated applications
• Implement process and quality improvements through task automation
• All aspects of training
• Producing quality documentation
• Participate in internal planning and reporting processes

Clearance:

• Ability to obtain a Public Trust clearance

Education:

• Bachelors degree or prior, relevant experience in lieu of a degree
• Splunk Enterprise Certified Architect

Experience:

• Minimum of 7 years’ experience
• Splunk experience and knowledge
• Experience producing quality documentation
• Experience working with Federal government clients

Preferred Skills:

• Splunk knowledge and experience
• Cyber Security knowledge and experience
• Cloud knowledge and experience
• Networking knowledge and experience
• VMWare knowledge and experience a plus
• Microsoft 365 knowledge and experience a plus
• Platform and data migration knowledge and experience a plus

Job Types: Full-time, Contract

Salary: $71.21 - $85.76 per hour

Expected hours: 40 per week

Experience level:

• 10 years

Schedule:

• 8 hour shift
• Day shift
• Monday to Friday

Experience:

• Azure: 1 year (Preferred)
• AWS: 1 year (Preferred)
• APIs: 1 year (Preferred)

Work Location: Remote