Peraton is a next-generation national security company that drives missions of consequence spanning the globe. They are seeking a Splunk Engineer to provide engineering and administration support for a large distributed clustered Splunk Enterprise environment, focusing on data collection, analysis, and visualization.
Responsibilities:
- Demonstrate domain and expert technical knowledge of Splunk monitoring solutions
- Monitor Splunk system health, identify performance bottlenecks, and optimize configurations
- Manage Splunk capacity planning and resource allocation
- Maintain data ingestion pipelines from diverse data sources (application logs, system logs, network traffic, etc.)
- Configure Splunk data inputs, indexes, and data processing pipelines to optimize data collection and analysis
- Monitor data ingestion and troubleshoot data quality issues
- Leverage Splunk Enterprise Security (ES) to detect and investigate security incidents
- Develop and maintain custom Splunk ES detection rules and correlation searches
- Ensure compliance with relevant RMF security and industry regulations by monitoring and reporting on key data points
- Provide technical training and support to Splunk users across the organization
- Develop user documentation and best practices guides for Splunk usage
- Provide technical expertise to assist senior leadership in shaping and achieving the organization's strategic vision, operational and tactical goals
Requirements:
- 5 years with BS/BA; 3 years with MS/MA; 0 years with PhD
- Active Public Trust Clearance
- Must be a US Citizen
- Proven experience with Splunk architecture
- Current active IAT II certification (Security+) with related Computing Environment (CE) Splunk certifications to comply with DoD 8570 and DoD 8140.03 requirements
- Experience in RMF or similar government IT certification and accreditation processes
- Strong customer service and communications skills, both oral and written
- Strong critical thinking skills that facilitate expedient problem solving
- Strong understanding of Splunk core functionalities, including search syntax, data models, and reporting capabilities
- Experience in data analysis techniques and statistical methods
- Experience with scripting languages like Python or PowerShell for automation
- Knowledge of network protocols, system administration, and security concepts
- Experience working within Military Health environments
- Familiarity with ServiceNow (MHSSHD) ITSM ticketing system