Previous Job
Splunk Systems Engineer
Ref No.: 17-00407
Location: Washington, District of Columbia
Position Type:Contract
Experience Level: 11 Years
Start Date / End Date: 12/28/2017 to 07/31/2018
Currently, our client is seeking a Sr. Splunk Systems Engineer in Washington, DC. The selected candidate must be able to ob­tain a Public Trust Suitability clearance, per contract require­ments.
  • Implement, architect, administer Splunk and Splunk Enterprise Security Suite
  • Perform data ingestion and data visualization for Splunk and Splunk Enterprise Security Suite
  • Provides technical, man­agerial and administrative direction relative to the problem definition and analysis and recommends alterative solution to higher level client man­agement for further ultimate implementation.
  • Build and integrate contextual data into the notable events, and workflow within Splunk Enterprise Security Suite
  • Development of configuration files for Splunk and custom­ized applets (apps).

  • BS and 14 yrs. related experience, MS + 12 yrs. related experience or equivalent experience in lieu of education.
  • 5 years of administering or implementing Splunk Enterprise and Splunk Enterprise Security Suite in distributed and clustered architecture
  • Must possess the following two certifications:
  • Certified Splunk Administrator
  • Certified Splunk Enterprise Security
  • Expertise in SPL query development, data visualization uti­lizing HTML, XML, CSS and JAVA and Python scripts, Expertise implementing Enterprise Security Suite from beginning to the end while integrating with other security appliances such as Sourcefire, FireEye, Firewalls, Web Proxy, ePO, Tenable, Amazon Web Services, Akamai, iSight (including other publically available threat intelli­gence communities)
  • Ability to leverage REST API for purpose of advanced Splunk administration and Splunk query automation
  • Expertise in administering Linux O/S such as Redhat Enter­prise
  • Experience in managing AWS Splunk instances and inte­gration with on prem Splunk Enterprise

Desired Qualifications
  • Experience developing app configurations, upgrading and validating Splunk and various Splunk and 3rd party released app configuration
  • Performed capacity planning for the purpose of both optimizing current storage utilization and project for license and storage requirements
  • Ability to code in Perl, Python, and Shell, including expertise in REGEX – Possesses work experience and solid under­standing in Splunk SDK
  • Possesses work experience and skills in developing customization of visualization of data via implementing panels, dashboard, data models, custom searches, lookups and custom commands, including ability to incorporate HTML, CSS, Java scripts and XML