SkyePoint Decisions, Inc.

Splunk Engineer

ID: 2017-1522
Job Location: US-MD-Beltsville
Job Type: Immediate Hire
Category: Information Technology

Overview

The SIEM Integration Engineer will perform various tasks and hold key responsibilities within a newly created team in Beltsville, MD.

 

The successful candidate will possess deep technical knowledge of and experience in the deployment and administration of distributed Splunk environments. The successful candidate will also possess deep technical knowledge of a number of security technologies, a solid understanding of information security and networking, and extensive experience interacting with customers. The SIEM Integration Engineer is responsible for the integration of client-specific SIEM management solutions.

 

In this role you will be responsible for the day-to-day maintenance of a distributed Splunk environment. You should be well versed in the best practices for designing and implementing Splunk architectures. This includes clustering (search head clustering and indexer clustering), capacity planning and scalability, distributed setup, and performance specifications. Experience with system administration on Linux and Windows operating systems and with many of today’s security tool sets (IPS/IDS, AV, firewalls, switches, etc.) is highly desirable. Experience with Splunk apps such as DB Connect is also desirable.

Responsibilities

  • Perform installation, configuration management, capacity planning, license management, data integration, data transformation, field extraction, event parsing, data preview, and application management of the Splunk platform.
  • Design and customize complex search queries; promote advanced searching, forensics, and analytics; develop dashboards, data models, and reports; and optimize their performance.
  • Develop, implement, and document configuration standards, policies, and procedures for operating, managing, and ensuring the security of the Splunk infrastructure.
  • Participate in incident, problem, and change management processes related to Splunk.
  • Work closely with Linux and Windows server administration teams to diagnose and resolve configuration issues.
  • Analyze logs for all major applications and identify the most affected areas or recurring issues.

Qualifications

REQUIRED:

  • Bachelor’s degree or equivalent experience
  • Active Top Secret
  • Splunk Certified Admin; at least 3 years of demonstrated hands-on experience will also suffice.
  • Linux and Windows server administration

DESIRED:

  • Splunk Certified Architect
  • CISSP or equivalent
  • Strong written and verbal communication skills.
  • Hands-on experience with virtualization technology such as VMware
  • Scripting/programming experience in Python, Perl, PowerShell, or Bash
  • Active Directory and LDAP
  • Firewalls and internet proxy devices
  • Security monitoring practices
  • Unix or Linux shell environments

 

SkyePoint Decisions is an established ISO 9000:2008 certified small business headquartered in Dulles, Virginia, with local offices across the Washington, DC, metropolitan area. SkyePoint Decisions has grown into a successful federal contractor by combining industry best practices with innovative solutions that consistently meet or exceed customer requirements. We understand and integrate our customers’ technology and mission requirements to successfully deliver high-quality, cost-effective services on time and on budget.

 

SkyePoint Decisions empowers a secure dynamic workforce to complete any mission -- anytime, anywhere. It’s what we call Agency Anywhere®. SkyePoint Decisions delivers Agency Anywhere® by tightly integrating our technical competencies (cybersecurity, cloud services, remote access, collaboration, system & network optimization, device management and more) to provide our customers’ operating environments with the security, flexibility, availability, and operational continuity required to enable today’s on-the-go federal workforce to successfully and securely complete any mission -- anytime, anywhere.

 

SkyePoint Decisions is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity Employer, making decisions without regard to race, color, religion, sex, national origin, age, veteran status, disability, or any other protected class. U.S. Citizenship is required for most positions.