Senior Splunk Systems Engineer - 3631

MSI is seeking a Senior Splunk Engineer to support our government client in Washington, DC


Job Description:

Our government client is seeking a Sr. Splunk Systems Engineer in Washington, DC. The selected candidate must be able to obtain a Public Trust Suitability clearance, per contract requirements.

Tasks and responsibilities in this role include, but are not limited to the following:

  • Implement, architect, and administer Splunk and Splunk Enterprise Security Suite
  • Perform data ingestion and data visualization for Splunk and Splunk Enterprise Security Suite
  • Provide technical, managerial and administrative direction relative to the problem definition and analysis, and recommend alternative solutions to higher-level client management for further ultimate implementation
  • Build and integrate contextual data into the notable events, and workflow within Splunk Enterprise Security Suite
  • Development of configuration files for Splunk and customized applets (apps).

Qualifications:

  • BS and 14 yrs. related experience, MS + 12 yrs. related experience or equivalent experience in lieu of education.
  • 5 years of administering or implementing Splunk Enterprise and Splunk Enterprise Security Suite in distributed and clustered architecture
  • Must possess the following two certifications:
    • Certified Splunk Administrator
    • Certified Splunk Enterprise Security
  • Expertise in SPL query development, data visualization utilizing HTML, XML, CSS and Java and Python scripts
  • Expertise implementing Enterprise Security Suite from beginning to the end while integrating with other security appliances such as Sourcefire, FireEye, Firewalls, Web Proxy, ePO, Tenable, Amazon Web Services, Akamai, iSight (including other publicly available threat intelligence communities)
  • Ability to leverage REST API for purpose of advanced Splunk administration and Splunk query automation
  • Expertise in administering Linux O/S such as Redhat Enterprise
  • Experience in managing AWS Splunk instances and integration with on prem Splunk Enterprise

Desired:

  • Experience developing app configurations, upgrading and validating Splunk and various Splunk and 3rd party released app configurations
  • Performed capacity planning for the purpose of both optimizing current storage utilization and projecting license and storage requirements
  • Ability to code in Perl, Python, and Shell, including expertise in REGEX
  • Possesses work experience and solid understanding in Splunk SDK
  • Possesses work experience and skills in developing customization of visualization of data via implementing panels, dashboard, data models, custom searches, lookups and custom commands, including ability to incorporate HTML, CSS, Java scripts and XML

 

MSI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, or national origin.