Splunk Engineer

Are you an accomplished Splunk expert and have experience in IT security and security controls?

Do you desire to be a valued member of a team delivering high-end IT services and consulting for a cabinet-level Federal Government agency?

Hill Associates is searching for a Splunk Engineer to support a fast-paced cabinet-level Department’s Office of the Chief Information Officer (OCIO) organization. You will be a Splunk SME to assist the Department in developing, engineering, and implementing a new Department-wide Splunk capability to facilitate operational security data ingest and metrics, advanced data analytics, and security reporting to both internal and external government consumers.

What You Will Get to Do:

  • Serve as a subject matter expert (SME) to use Splunk as part of a department-wide effort to achieve efficiencies and orchestration across various Splunk deployments (silos) into a more unified architecture and operational security capability.
  • Quickly learn and assimilate the complicated set of Splunk system owners, capabilities, data types, indexes, data repositories, and consumers across multiple organizational components.
  • Analyze existing ingested data to respond to evolving business, IT, and security functions.
  • Serve as a Splunk technical engineer to implement requirements and assist with devising a new, to-be architecture to satisfy Department-level requirements.
  • Use your in-depth knowledge of Splunk on-premises and cloud deployments to assist with identifying the most effective and efficient way to deploy Spunk capabilities (e.g., search heads, forwarders, indexers) to achieve desired outcomes.
  • Inventory and assess data sources and inputs and ensure this data is prioritized and properly formatted for Splunk ingest and report generation.
  • Work on the Continuous Diagnostics and Mitigation Program (CDM) verifying accuracy between layers and testing and installing required apps and add-ons.
  • Turn data into action with intelligent analytics and clear insights. Define raw input requirements to support data models as well as final outputs required to ensure Department personnel can assess the security status of computing systems and produce readable, understandable summary reporting.
  • Utilize Splunk to develop data requirements, data catalog(s), data descriptions, data sources, and data formatting to ensure that security controls can be measured and managed across on-premises and cloud IT services.
  • Develop dashboarding or other automated data presentation designs.
  • Interact with team members to integrate and migrate customers into a centralized Enterprise Splunk instance.

You Will Bring These Qualifications:

  • Minimum fifteen (15) years of experience with the Splunk environment, including Splunk’s unique investigative approach to data analysis.
  • Experience with on-premises and cloud (MSSP) Splunk system deployments and the pros/cons of each approach.
  • Experience in using Splunk for data collection, formatting, presentation, and preservation.
  • Strong experience in Splunk for ingest of data across a variety of applications and users.
  • Working in large enterprise environments leveraging clustering technologies and multiple Splunk instances.
  • Experience in the presentation of data requirements, solutions, and outputs to system owners and executive leadership.
  • Ability to capture high-level technical information in a clear, concise manner.
  • Strong communication skills to understand and communicate data scope, breadth, and depth.
  • Ability to think creatively and adapt creative thinking to what works for the organization.
  • Splunk Certifications, Splunk Enterprise Certified Administrator or Splunk Enterprise Certified Architect.
  • U.S. Citizen.
  • Active US Government Clearance at the Secret level or higher is a MUST.
  • Masters degree – such as Cybersecurity, IT Systems, Software Engineering, Network Engineering, or a related field of study.
  • Exceptional organizational and time-management skills.
  • Experience working with and in Government projects desired.

What We Can Offer You:

Hill Associates is an affirmative action and equal opportunity employer. Employment decisions will be made without regard to race, color, religion, sex, age, national origin, military status, veteran status, handicap, physical or mental disability, sexual orientation, gender identity, genetic information or other characteristics protected by law.

If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Hill Associates Recruiting Team at 202-656-6505 or via email at careers@hillasc.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.

Hill Associates offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.