Current DoD TS/SCI security clearance.
All candidates must be US CITIZENS to be considered for the position.

Job Description:
We have an IMMEDIATE NEED a highly skilled Senior Splunk Administrator to join our team and
take charge of designing, implementing, and maintaining our Splunk environment as part of the
DISA Defense Red Switch Network in support of an enterprise VoIP management system. The ideal
candidate will possess a deep understanding of Splunk architecture and its various components
including forwarders, indexers, and web interfaces. Moreover, proficiency in setting up Splunk on a
Red Hat Enterprise Linux 8 (RHEL 8) system that is hardened is essential for this role. Additionally,
the candidate should demonstrate expertise in integrating Splunk with RSA and effectively
configuring it to work seamlessly with both RHEL 8 and Windows environments.
 
Responsibilities:
 Design and Architecture: Design, implement, and maintain Splunk environments including
forwarders, indexers, search heads, and deployment servers.
 Installation and Configuration: Install, configure, and integrate Splunk and its components on
RHEL 8 systems, ensuring optimal performance, scalability, and security.
 Security Hardening: Harden the Splunk environment on RHEL 8 systems to meet security
compliance standards and best practices.
 Integration: Integrate Splunk with RSA for secure authentication and authorization across the
environment.
 Monitoring and Maintenance: Monitor Splunk infrastructure health, performance, and capacity;
perform routine maintenance tasks to ensure uninterrupted service.
 Troubleshooting: Troubleshoot issues related to Splunk infrastructure, including performance
bottlenecks, data ingestion problems, and search optimization.
 Documentation: Create and maintain comprehensive documentation including architecture
diagrams, installation guides, and troubleshooting procedures.
 Collaboration: Collaborate with cross-functional teams including security, network, and system
administrators to ensure seamless integration of Splunk within the IT infrastructure.

Core Qualifications:

 Bachelor’s degree in Computer Science, Engineering, or a related field and a minimum of 12+
years of experience in system administration, database administration, network engineering,
software engineering, or software development, with a concentration in Cybersecurity
 Eight (8) years of experience with Linux and Windows system administration or an advanced
understanding of operating systems and common operating environments
 Five (5) years of experience administering Splunk in distributed deployments
 Excellent written and verbal communication skills, ability to work closely with multiple customers,
manage expectations and track engagement scope
 Proficient at data on-boarding activities including routing, parsing, and normalizing events to the
Splunk Common Information Model (CIM)
 Proficient onboarding data using Splunk add-ons for Windows, Linux, and common third-party
devices and applications
 Experience onboarding data into Splunk via forwarder, scripted inputs, and modular inputs from
a variety of sources
 Experience with Splunk performing systems administration, including performing installation,
configuration, monitoring system performance and availability, upgrades, and troubleshooting
 General knowledge of networking and security troubleshooting (firewalls, routing, NAT, etc.)
 Splunk implementation and troubleshooting experience
 Proficiency developing log ingestion and aggregation strategies per Splunk best practices
 Perform integration activities to configure, connect, and pull data with 3rd party software APIs
 Ability to autonomously prioritize and successfully deliver results
 Must have a Splunk Certified Architect certification

Preferred Qualifications:
 Experience configuring and maintaining the tool in a multi-tenant environment
 Experience troubleshooting RSA and Windows integration.
 Experience troubleshooting RSA integration with Linux through PAM
 Experience troubleshooting Cisco ISE AAA
 Experience in troubleshooting LDAPS
 Experience with application integration with Radiant One through LDAPS