Address
Form of work
SalaryJob Description
The Splunk Engineer will be responsible for the entire end to end deployment of the Splunk family of software to support OFR's log retention, aggregation and analysis requirements. It is required that the candidate be well versed in Splunk technology and implementation of best practices and have a working knowledge in the variety of architectural variations of the Splunk product. This includes Splunk scalability, capacity planning, distributed setup, Search Head Clustering, Index Clustering, and performance specifications. Experience with storage technologies, SQL Server, Hadoop, platform administration on Linux and Windows and experience with many of today’s security tool sets (IPS/IDS, AV, Firewalls, Switches, etc.) is highly desirable. Experience with Splunk premium apps such as Enterprise Security is also desirable.
Job Requirements:
Key Tasks and Responsibilities
- Perform installation, configuration management, capacity planning, license management, data integration, data transformation, field extraction, event parsing, data preview, and application management of Splunk platform
- Design and customize complex search queries, and promote advanced searching, forensics and analytics
- Develop dashboards, data models, reports and optimize their performance.
- Develop, implement, and document configuration standards, policies, and procedures for operating, managing, and ensuring the security of the Splunk infrastructure.
- Participate in incident, problem, and change management processes related to Splunk.
- Work closely with Linux and Windows server administration teams to diagnose and resolve configuration issues.
- Analyze logs for the all major applications and come up with most affected areas or reoccurring issues.
Education & Experience
- A bachelor’s degree in Computer Science or a related engineering field with training in information security
- Strong written and verbal communication skills.
- Hands on experience with Enterprise Applications
- Hands on experience with Security Tools such as IDS/IPS, Anti-virus, Endpoint Management
- Hands on experience with Virtualization Technology such as VMWare
- Hands on experience with Storage Technology such as NetApp or Panassas
- Scripting/Programming experience in Python, Perl, Powershell or Bash.
- Active Directory
- Firewalls and internet proxy devices
- Security monitoring practices
- Unix or Linux shell environments
- Event flows (i.e. Syslog)
- Security Information Event Management (SIEM)
- Experience working in a large government or corporate enterprise environment.
Certifications
- Splunk Architect Certification, Splunk Certified Administrator
- CISSP, SANS GIAC, Security+, Network+, Linux+, MCSE, RHCE or CCNA-Security preferred
Security Clearance
- Ability to obtain a Public Trust
- Must be a U.S. Citizen
Computer World Services is an affirmative action and equal employment opportunity employer. Current employees and/or qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, disability, protected veteran status, genetic information or any other characteristic protected by local, state, or federal laws, rules, or regulations.
Computer World Services is committed to the full inclusion of all qualified individuals. As part of this commitment, Computer World Services will ensure that individuals with disabilities (IWD) are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact Aaron McClellan in Human Resources at
314.952.5138 or [email protected].
