Splunk SME

Job Title: Splunk Subject Matter Expert Level II

Location: Remote

Eligibility: US Citizen or Green Card (Permanent Resident) required.

Must be able to obtain a Public Trust clearance,

HOW A SPLUNK CYBER SECURITY SME WILL MAKE AN IMPACT



- Responsible for designing, deploying, and maintaining on-premises

and cloud based Splunk environments to support enterprise-level

monitoring, alerting, and reporting



- Deep expertise in Splunk system architecture, design,

implementation, configuration and operational support in a hybrid

on-prem Unix/Linux and cloud-based environment



- Collaborate across DevOps, Security, and IT teams to optimize

performance, ensure data integrity, system availability and support

mission-critical operations



- Hands-on experience with a large enterprise wide Splunk environment

is mandatory



- Off-hours and weekend efforts for systems maintenance, upgrades and

support may be required from time to time



WHAT YOU’LL NEED TO SUCCEED:



Education:



- Bachelor's Degree in Computer Science or related technical

discipline, preferred but not required.



- NOTE: If resources do not have a relevant college degree, an

additional 4 years of relevant work experience is required.



Required Experience:



- 5+ Years of Splunk Experience Required



- Manages knowledge objects (fields, extractions, tags, event types,

lookups, workflow actions, aliases, macros, and so on) – through

automations, scripting, management server functions; to include

.conf and .cfg files in scope of the last four Splunk Enterprise

versions



- Experience with Splunk deployment and configuration management in

large-scale environments



- Proficiency in writing complex Splunk queries, dashboards, and

alerts using SPL (Search Processing Language)



- Experience with REST APIs for Splunk and external system integration



- Ability to analyze and troubleshoot complex data ingestion and

parsing issues



- Designing and developing an automations workflow and dashboard

interface for such



- Self-starter with a service-oriented mindset who will take action,

find ways to solve problems, and move projects to conclusion

independently



- Strong problem-solving skills and the ability to translate research

insights into practical solutions that address real-world

challenges.



- Strong communication and collaboration skills with the ability to

articulate complex technical concepts to both technical and

non-technical audiences.



- Experience in mentoring and guiding junior researchers or team

members



Preferred Experience:



- Ability to leverage the Splunk AI Assistant and other AI tools to

increase accuracy and efficiency of task and other deliverables



- Advanced knowledge of Unix/Linux and/or Windows systems

administration and troubleshooting



- Strong scripting skills in Bash, Python, JavaScript, SQL and

PowerShell for automation and integration tasks



- Experience with Splunk upgrades, patching, and performance tuning



- Proficiency in integrating Splunk with cloud platforms (AWS, GCP,

Azure)



- Understanding of security and compliance requirements and

implementation of role-based access controls (RBAC) in Splunk



- Strong knowledge of logging standards and best practices across

application and infrastructure layers



- Extensive knowledge of defense-in-depth principles, Network and

Security architecture, network topology, IT device integrity, and

common security elements.



- Executes new projects as well as data and user onboarding



- Strong understanding of IT and Cyber industry standards and

technologies to include such controls governed by NIST, FISMA, and

FedRamp



- Experience installing and utilizing and developing with the Splunk

App for Data Science and Deep Learning.



- Experience installing and utilizing and developing with the Splunk

SOAR Automation toolset



- Experience or background in the Cybersecurity, Systems/Network

Administration or Observability industry



Security Clearance Level:



- Ability to obtain and maintain a Public Trust clearance and

successfully pass a thorough Government background screening process

requiring the completion of detailed forms and fingerprinting



- This position has a U.S. residency requirement. The USPS security

clearance process requires the selected candidate to have resided in

the U.S. (including U.S. Territories) for the last five years as

follows: U.S. Citizens cannot have left the U.S. (including U.S.

Territories) for longer than 6 months consecutively in the last 3

years (unless they meet certain exceptions). Non-U.S. Citizens

cannot have left the U.S. (including U.S. Territories) for longer

than 90 days consecutively in the last 3 years.