The Splunk Architect/Engineer is responsible for the design, development, and implementation of the Splunk infrastructure, as well as for supporting operations activities. The operational Splunk environment continues to go through revisions to meet requirements. In addition, the Splunk architecture is anticipated to move from an on-premises platform to a cloud-based environment. The Splunk Architect/Engineer is responsible for designing and executing these changes to implement the future state of Splunk for the client. They will work closely with the data acquisition team, the business teams, and executive management on the government side to provide comprehensive architecture solutions that meet the client's requirements and future needs. The Splunk Architect/Engineer must also have experience working in an Agile environment. The Splunk Architect/Engineer is the SME for all things Splunk.
- Support and lead evolving business development efforts by applying technical and functional expertise to develop business solutions.
- Lead proposal sections for small or limited competition proposals and actively participate in teaming strategy discussions.
- Bachelor’s and minimum 8 years of related experience, Master’s and 6+ years of related experience, or Doctorate and 4 years related experience; or equivalent experience.
- Splunk Subject Matter Expert (SME)
- Experience designing, building, and maintaining large Splunk infrastructures in AWS
- Expert Splunk application and dashboard developer using complex data searches
- Experience optimizing applications to reduce impact on resources
- Experience with Splunk administration, configuration, and tuning of large environments
- Experience with data onboarding, Splunk TAs
- Experience managing complex data, specifically managing role-based access control, configuring roles and designing data onboarding to support current and future roles
- Experience with Regex and custom scripting
- Expertise in Splunk SPL and Python
- Experience with Splunk Premium Apps, at minimum ITSI and Enterprise Security (ES)
- Experience with and very comfortable working in an agile environment
- Must be able to obtain an IRS Public Trust background investigation (US Citizen or Green Card holder with a minimum of 3 years in the US; fully paid taxes or an approved payment plan; males must have registered with the US Selective Service, or not have been required to register with Selective Service if they arrived in the country after their 26th birthday)
- Strong communication skills
- Ability to collaborate and work efficiently and effectively in a remote environment
- Productive and proactive. Reach out to the team for assistance or to provide assistance.
Desired skills and knowledge:
- Splunk Certified Architect HIGHLY desired
- Experience with Splunk Premium products and other add-ons - UBA, Qmulos, and Phantom
- Other cybersecurity certification (Security+, CISSP) desirable