Overview:
* Tier One Technologies is seeking a Splunk Cybersecurity SME to support our direct US Government client.
* This is going to be a 100% remote Contract-to-Hire position.
* SELECTED CANDIDATES WITHOUT REQUIRED CLEARANCE WILL BE SUBJECT TO A FEDERAL GOVERNMENT BACKGROUND INVESTIGATION TO RECEIVE IT.
Responsibilities:
* Design, deploy, and maintain on-premises and cloud-based Splunk environments to support enterprise-level monitoring, alerting, and reporting.
* Execute new projects as well as data and user onboarding.
* Manage knowledge objects (fields, extractions, tags, event types, lookups, workflow actions, aliases, macros, and so on) through automation, scripting, and management server functions, including .conf and .cfg files within the scope of the last four Splunk Enterprise versions.
* Mentor and guide junior researchers or team members.
* Support off-hours and weekend efforts for incident investigations and systems maintenance.
Qualifications:
* A degree from an accredited College/University in the applicable field of services is required. If the individual's degree is not in the applicable field, then 4 additional years of related experience are required.
* 8+ years of overall experience in cybersecurity.
* 5+ years of specific Splunk experience.
* Proven Splunk deployment and configuration management experience in large-scale environments.
* Proficiency in writing complex Splunk queries, dashboards, and alerts using SPL (Search Processing Language).
* Experience with REST APIs for Splunk and external system integration.
* Ability to leverage the Splunk AI Assistant and other AI tools to increase the accuracy and efficiency of tasks and other deliverables.
* Advanced knowledge of Unix/Linux and/or Windows systems administration and troubleshooting.
* Strong scripting skills in Bash, Python, JavaScript, SQL and PowerShell for automation and integration tasks.
* Experience with Splunk upgrades, patching, and performance tuning.
* Proficiency in integrating Splunk with cloud platforms (AWS, GCP, Azure).
* Understanding of security and compliance requirements and implementation of role-based access controls (RBAC) in Splunk.
* Strong knowledge of logging standards and best practices across application and infrastructure layers.
* Strong problem-solving skills and the ability to translate research insights into practical solutions that address real-world challenges.
* Strong communication and collaboration skills with the ability to articulate complex technical concepts to both technical and non-technical audiences.
* Must be a US Citizen or have permanent residence status (Green Card).
* Must be able to obtain a Position of Public Trust Clearance.
* Must be able to pass a drug screening, criminal history, and credit checks.
* Must have lived in the United States for the past 5 years.
* Cannot have more than 6 months of travel outside the United States within the last five years. Military service excluded. (Exception does not include military family members.)