Splunk SME

Job Title: Splunk Subject Matter Expert Level II

Location: Remote

Eligibility: US Citizen or Green Card (Permanent Resident) required.
Must be able to obtain a Public Trust clearance,

HOW A SPLUNK CYBER SECURITY SME WILL MAKE AN IMPACT

- Responsible for designing, deploying, and maintaining on-premises
and cloud based Splunk environments to support enterprise-level
monitoring, alerting, and reporting

- Deep expertise in Splunk system architecture, design,
implementation, configuration and operational support in a hybrid
on-prem Unix/Linux and cloud-based environment

- Collaborate across DevOps, Security, and IT teams to optimize
performance, ensure data integrity, system availability and support
mission-critical operations

- Hands-on experience with a large enterprise wide Splunk environment
is mandatory

- Off-hours and weekend efforts for systems maintenance, upgrades and
support may be required from time to time

WHAT YOU’LL NEED TO SUCCEED:

Education:

- Bachelor's Degree in Computer Science or related technical
discipline, preferred but not required.

- NOTE: If resources do not have a relevant college degree, an
additional 4 years of relevant work experience is required.

Required Experience:

- 5+ Years of Splunk Experience Required

- Manages knowledge objects (fields, extractions, tags, event types,
lookups, workflow actions, aliases, macros, and so on) – through
automations, scripting, management server functions; to include
.conf and .cfg files in scope of the last four Splunk Enterprise
versions

- Experience with Splunk deployment and configuration management in
large-scale environments

- Proficiency in writing complex Splunk queries, dashboards, and
alerts using SPL (Search Processing Language)

- Experience with REST APIs for Splunk and external system integration

- Ability to analyze and troubleshoot complex data ingestion and
parsing issues

- Designing and developing an automations workflow and dashboard
interface for such

- Self-starter with a service-oriented mindset who will take action,
find ways to solve problems, and move projects to conclusion
independently

- Strong problem-solving skills and the ability to translate research
insights into practical solutions that address real-world
challenges.

- Strong communication and collaboration skills with the ability to
articulate complex technical concepts to both technical and
non-technical audiences.

- Experience in mentoring and guiding junior researchers or team
members

Preferred Experience:

- Ability to leverage the Splunk AI Assistant and other AI tools to
increase accuracy and efficiency of task and other deliverables

- Advanced knowledge of Unix/Linux and/or Windows systems
administration and troubleshooting

- Strong scripting skills in Bash, Python, JavaScript, SQL and
PowerShell for automation and integration tasks

- Experience with Splunk upgrades, patching, and performance tuning

- Proficiency in integrating Splunk with cloud platforms (AWS, GCP,
Azure)

- Understanding of security and compliance requirements and
implementation of role-based access controls (RBAC) in Splunk

- Strong knowledge of logging standards and best practices across
application and infrastructure layers

- Extensive knowledge of defense-in-depth principles, Network and
Security architecture, network topology, IT device integrity, and
common security elements.

- Executes new projects as well as data and user onboarding

- Strong understanding of IT and Cyber industry standards and
technologies to include such controls governed by NIST, FISMA, and
FedRamp

- Experience installing and utilizing and developing with the Splunk
App for Data Science and Deep Learning.

- Experience installing and utilizing and developing with the Splunk
SOAR Automation toolset

- Experience or background in the Cybersecurity, Systems/Network
Administration or Observability industry

Security Clearance Level:

- Ability to obtain and maintain a Public Trust clearance and
successfully pass a thorough Government background screening process
requiring the completion of detailed forms and fingerprinting

- This position has a U.S. residency requirement. The USPS security
clearance process requires the selected candidate to have resided in
the U.S. (including U.S. Territories) for the last five years as
follows: U.S. Citizens cannot have left the U.S. (including U.S.
Territories) for longer than 6 months consecutively in the last 3
years (unless they meet certain exceptions). Non-U.S. Citizens
cannot have left the U.S. (including U.S. Territories) for longer
than 90 days consecutively in the last 3 years.