Avint LLC is seeking a motivated, career- and customer-oriented Splunk Engineer to join our growing team. This individual will manage and operate the organization's Splunk environment. This individual must be able to interact with senior leadership and present findings and possible solutions where needed. This individual must also be a self-starter, gathering requirements while also providing solutions where needed. This individual must also be able to relay information to technical and non-technical contributors.
Position Responsibilities:
- Operation of the Splunk Environment
- Troubleshooting new and current data collection issues
- Troubleshooting system issues that make the system unstable or unusable
- Deploying and managing commercial and custom Splunk add-ons required to fetch data from specific sources
- Designing, developing, and implementing data models while aggregating several data sources
- Implementing Splunk upgrades
- Extracting specific data attributes via regular expressions and transformations
- Creating custom dashboards, writing queries, and generating on-demand and saved search reports, and setting up alerts and notifications
- Integrating Splunk with other systems via API or other similar methods
- Developing and implementing solutions to integrate data provided into Splunk Indexes
- Analyzing data in Splunk indexes to determine relevant queries to populate specialized reporting dashboards, and modifying Splunk Enterprise Security default searches to remove irrelevant alerts
- Designing, building, testing, and maintaining scalable and stable technology solutions to meet mission systems monitoring goals
- Performing automation tasks through scripting and testing
- Excellent Leadership and team building skills
- Provide monitoring data for networks, servers, workstations and other devices reporting to Splunk
- Provide support for the full-engineering lifecycle, including analysis, requirements, design, development, implementation, testing, integration, and documentation
Requirements
- US Citizenship Required
- Secret Clearance required
- BA/BS in Information Security or related IT field with 8+ years of relevant experience
- 8+ years of experience with deploying, configuring, and performing functional testing and data validation in a Splunk environment
- 3+ years of experience with Splunk performing systems administration, including performing installation, configuration, monitoring system performance and availability, upgrades, and troubleshooting
- 2+ years of experience with designing, implementing, configuring, operating, or testing IT systems or security infrastructure
- 2+ years of Python programming experience specific to a Splunk environment
- Extensive experience with configuring, monitoring, and troubleshooting Splunk
- Significant experience ingesting data from multiple sources into Splunk
- Required: Relevant Cybersecurity Certification (CISSP, CISA, CISM, Sec+)
- Splunk Certified Architect Certification Preferred
- Experience in automating Splunk Deployments within a Cloud Environment (AWS, GCP, or Azure)
- Demonstrate strong communication skills (oral and written) and the ability to work with both teammates and senior leadership; lead working sessions to solicit ideas and develop solutions
- Proactively lead teams in the execution of complex tasks with minimal direction and produce high-quality results
- Serve as a Career Manager responsible for performance management and professional development
- Proficiency in Microsoft Office Suite of tools (Excel, Word, Teams, Outlook)
- Proficiency in Linux/Unix environments as well as Windows
- Proactively drive business growth within a specific market segment (DOD, FedCiv, Commercial)
- Palo Alto firewall logs
- Linux audit logs
- PostgreSQL logs
- AWS CloudTrail
- Red Hat IdM logs
- Trend Micro logs
- Setting up Enterprise Security
- Firewall configuration changes
- Shell access to certain priority VMs
- Use of root credentials
Benefits
Joining Avint is a win-win proposition! You will feel the personal touch of a small business and receive BIG business benefits, from competitive salaries and full health to generous PTO and Federal Holidays. Additionally, we encourage every Avint employee to further their professional development. To assist you in achieving your goals, we offer reimbursement for courses, exams, and tuition. Interested in a class, conference, program, or degree? Avint will invest in YOU and your professional development!
Avint is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity and Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class.