Splunk Administrator

Company: Tallon Recruiting & Staffing
Location: Arlington
Posted on: February 22, 2021

Job Description:

Splunk Administrator VA, Arlington 22202 Security Clearance: U.S. Citizen, Current Security Clearance, Secret Skills: Splunk, SOC, SOAP, JSON, REST API, Scripting, RegEx, Linux CLI, Windows, CybersecurityWe are recruiting for a Splunk Administrator to support DoD Security Operations Center (SOC) environment. Qualified candidates will have experience developing cybersecurity monitoring content in Splunk and experience working a DoD or SOC environment. Duties and responsibilities include:

• Support development of cybersecurity monitoring content in Splunk to support SOC monitoring capabilities
• Integrate Splunk with application data sources
• Refine audit levels at log source and Splunk log ingest settings to maximize program capability to monitor for cybersecurity-relevant events
• Provide consultation to government client, as requested, to customize and configure Splunk to meet program requirements
• Provide administration for Splunk and Splunk Apps including developing new or extending existing Apps to perform specialized functionality
• Support a blended team working closely with Infrastructure, Application, and Cybersecurity project teams for Splunk activities
• Develop and maintain documentation related to the engagement and architecture, operational processes and training materials Requirements include:
  • U.S. citizenship
  • Current secret security clearance (at a minimum)
  • Bachelor's degree is required; IT related discipline is preferred
  • 5+ years of experience with Splunk administration including security information and event management (SIEM) integrations
  • 5+ year of experience developing Splunk queries, reports, alerts, dashboards, and knowledge objects
  • Experience with Splunk dashboard design is preferred
  • Experience in Splunk configuration files, RegEx and comfort in using the Linux CLI and Windows
  • Experience using Splunk to perform above baseline threat hunting in a SOC or DCO environment
  • Experience in SOAP, JSON, REST API, web-based technologies and scripting languages including JavaScript, Python, Perl and shell scripting, XML, HTML
  • Experience in requirements analysis, engineering, and testing in real world environments
  • Effective written and verbal communication skills to work with a blended government and contractor team
  • Experience in Splunk DB Connect, ITSI, HEC is preferred
  • Splunk certified preferred
  • Experience with SAP, HANA database, and/or system architecture is preferred
  • Experience presenting information to customer audiences (prior presentations to groups up to 30 people) is preferred
  • Experience providing mentorship to junior team members, as requested, for Splunk related activities is preferred #D #ZR *MON.Tallon Recruiting and Staffing provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by federal, state, or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. We comply with Form I-9 identity and legal work authorization requirements and utilize E-Verify for Employment Eligibility Verification in accordance the Immigration Reform and Control Act of 1986 (IRCA). Individuals with disabilities who need assistance with the application process can reach us by email at or telephone For more information please visit us at . - provided by Dice

Keywords: Tallon Recruiting & Staffing, Arlington , Splunk Administrator, Other , Arlington, Virginia