Opening for a Splunk Engineer to support the Department of State (DoS) Bureau of Information Resource Management (IRM) PKI enclave engineering and operations team. The team supports the DoS PKI program office, which provides PKI-based encryption and digital signature services to all users at the department’s global diplomatic missions.
This is a new functional role being added to the DoS PKI enclave Operations Management & Analytics team. The preferred candidate will be responsible for helping to deploy and manage a Splunk infrastructure, onboard new data sources, and assist with the creation and deployment of knowledge objects.
This role will change into a multi-disciplinary role that will interact directly with different functional IT and security teams outside of the program office to gather requirements, architect solutions and deliver value.
The engineer will lead an effort to build, implement and administer Splunk and Splunk Enterprise Security Suite in Windows and Linux environments, editing and maintaining Splunk configuration files and apps.
Bachelor's degree and 10 (ten) years of IT experience; additional experience accepted in lieu of a degree
Splunk administration experience (3+ years required)
• Experience creating and managing Splunk knowledge objects (field extractions, macros, event types, etc.)
• Experience with one or more Splunk applications (ITSI, Enterprise Security, Database Connect, Splunk App for ServiceNow)
• Advanced knowledge of Splunk search language and search best practices
Education Requirements
• Perform data ingestion and visualization for Splunk and Splunk Enterprise Security Suite
• Build and integrate contextual data into notable events
• Recognize and onboard new data sources into Splunk, analyze the data for anomalies and trends, and build dashboards highlighting the key trends in the data.
• Extensive experience in SQL query development leveraging HTML, XML, CSS, Bash, Java, and Python scripts.
• May be asked to help automate Splunk deployments and orchestration within a cloud environment
Basic
• Extensive experience implementing, architecting and administering Splunk and Splunk Enterprise Security Suite
• Experience administering Linux (Red Hat) and Windows OS
• Experience administering VMware infrastructure
• Certified Splunk Administrator
• Certified Splunk Enterprise Security