RMantra Solutions
Splunk Engineer
RMantra Solutions, Alexandria, Virginia, us, 22350
Work Schedule : 100% OnsiteClearance:
TS/SCICertification:
Security+ CEWe are seeking a
Splunk Engineer
in support of the Compartmented Enterprise Services Office (CESO) NOC.This position is located in Arlington, VA and is 100% on-site.Primary Responsibilities:Design efficient and reusable reports and dashboards to integrate multiple mission applications’ health, performance and operational data systems into Splunk.Create front-end automated data visualization services using Splunk.Develop viewable Splunk dashboards to provide visibility into ingested log data.Develop alerts that trigger/activate on configured settings to deploy or send a note/email/attachments to a particular destination email or groups.Develop security rules (alerts) that trigger on anomalous activities or threat detections.Administer Splunk in Windows and Linux environments.Work with existing and custom Splunk applications and add-ons to fulfill customer needs.Provide operations and maintenance support for a distributed Splunk environment consisting of heavy forwarders, indexers, and search head servers, spanning security, performance, and operational roles.Edit and maintain Splunk configuration files and apps.Onboard data to Splunk via forwarder, scripted inputs, TCP/UDP, and modular inputs from a variety of sources.Provide operational support for Splunk Universal Forwarder on Linux and Windows endpoints.Manage and support automation solutions for Splunk deployment and orchestration in on-premise and cloud environments.Basic Qualifications:Bachelor’s degree and 4+ years of prior relevant experience. Additional experience may be considered in lieu of degree.Active Top Secret security clearance (with ability to hold TS/SCI) is required prior to start, with the ability to take and maintain CI/POLY.DoD 8570 IAM II certification is required.Splunk Enterprise Certified Architect or equivalent certification or higher.Excellent written and oral communication skills, able to appropriately present highly technical material to both technical and non-technical audiences.Preferred Qualifications:Experience configuring and maintaining the tool in a multi-tenant environment.Experience with AWS Cloud tools and services.For more information, please contact us or send an email to HR@rmantras.com.
#J-18808-Ljbffr
TS/SCICertification:
Security+ CEWe are seeking a
Splunk Engineer
in support of the Compartmented Enterprise Services Office (CESO) NOC.This position is located in Arlington, VA and is 100% on-site.Primary Responsibilities:Design efficient and reusable reports and dashboards to integrate multiple mission applications’ health, performance and operational data systems into Splunk.Create front-end automated data visualization services using Splunk.Develop viewable Splunk dashboards to provide visibility into ingested log data.Develop alerts that trigger/activate on configured settings to deploy or send a note/email/attachments to a particular destination email or groups.Develop security rules (alerts) that trigger on anomalous activities or threat detections.Administer Splunk in Windows and Linux environments.Work with existing and custom Splunk applications and add-ons to fulfill customer needs.Provide operations and maintenance support for a distributed Splunk environment consisting of heavy forwarders, indexers, and search head servers, spanning security, performance, and operational roles.Edit and maintain Splunk configuration files and apps.Onboard data to Splunk via forwarder, scripted inputs, TCP/UDP, and modular inputs from a variety of sources.Provide operational support for Splunk Universal Forwarder on Linux and Windows endpoints.Manage and support automation solutions for Splunk deployment and orchestration in on-premise and cloud environments.Basic Qualifications:Bachelor’s degree and 4+ years of prior relevant experience. Additional experience may be considered in lieu of degree.Active Top Secret security clearance (with ability to hold TS/SCI) is required prior to start, with the ability to take and maintain CI/POLY.DoD 8570 IAM II certification is required.Splunk Enterprise Certified Architect or equivalent certification or higher.Excellent written and oral communication skills, able to appropriately present highly technical material to both technical and non-technical audiences.Preferred Qualifications:Experience configuring and maintaining the tool in a multi-tenant environment.Experience with AWS Cloud tools and services.For more information, please contact us or send an email to HR@rmantras.com.
#J-18808-Ljbffr