Agile Defense is hiring a
Senior Splunk Engineer

Summary

The job is for a Splunk Engineer working remotely in the Security Operations Center (SOC) of a U.S. Government program. The role involves installing and maintaining Splunk infrastructure, gathering requirements from customers, leading a team of engineers, developing data storage strategies, designing and administering Splunk infrastructure, and more. Requires an active DoD - Public Trust clearance, a Splunk certification, a Bachelor's degree, and 8+ years of experience.

Requirements

• Active DoD - Public Trust clearance
• Splunk certification
• Bachelor's degree
• 8+ years of experience working in a professional environment

Responsibilities

• Conceptualize, design, build, and maintain current and future customer-supported tools and platforms
• Manage multiple assignments, changing priorities, and work independently with little oversight
• Lead team of Splunk engineers in the management of Splunk solution to optimize data availability for SOC and other stakeholders
• Develop data storage, access, and retention strategies for a large IT enterprise using industry standards and best practices to advise Customer executive-level stakeholders
• Design, build, implement, and administer Splunk infrastructure in on-prem and cloud environments
• Create, manage, and support automation solutions for Splunk deployment and orchestration in on-prem and cloud environments
• Work with existing and custom Splunk applications and add-ons to fulfill customer needs
• Provide overall engineering and design support for a distributed Splunk environment consisting of heavy forwarders, indexers, and search head servers, spanning security, performance, and operational roles
• Onboard data to Splunk via forwarder, scripted inputs, TCP/UDP, and modular inputs from various sources
• Normalize data to ensure CIM compliance, and develop data models to accelerate queries, dashboards, and correlation searches
• Work closely with all relevant stakeholders to solve technical problems at the network, system, and application levels
• Conduct periodic architectural reviews of Splunk and related systems to assess effectiveness and propose optimal installation alternatives as required

Preferred Qualifications

• Experience with SIEM tools, endpoint security, or digital forensics
• Experience with system engineering, computer science, information systems, engineering science, or engineering management
• Knowledge of security architecture design and integration