Splunk Administrator
Splunk Administrator
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Summit Technologies Inc. is seeking a Splunk Administrator to support enterprise cybersecurity operations. This role is responsible for administering maintaining and optimizing Splunk platforms within a mission-critical federal environment. You will ensure reliable log ingestion efficient search reporting and seamless support to Analysts and Engineers who rely on Splunk. This is an excellent opportunity for an IT professional with hands-on Splunk administration experience who thrives in federal environments. This Hybrid position requires working 3 days per week onsite in Washington DC. Candidates must be eligible to obtain a Public Trust clearance.
Duties and Responsibilities
- Administer and maintain Splunk Enterprise and Splunk ES ensuring availability performance and stability.
- Manage log ingestion pipelines including syslog servers Windows Event Collectors and application connectors.
- Onboard and normalize new data sources validate data quality and ensure mapping to the Common Information Model (CIM).
- Create maintain and optimize Splunk knowledge objects (field extractions lookups macros event types tags etc.).
- Develop and tune dashboards reports and alerts to support incident response operations and compliance requirements.
- Monitor Splunk license consumption and system capacity; make recommendations for scaling and optimization.
- Troubleshoot Splunk forwarders search head and indexer issues to maintain operational continuity.
- Implement KV stores lookups and data model acceleration to improve search and reporting performance.
- Support security use case development in Splunk ES for security incident response analysts.
- Assist end users with queries dashboards and reporting needs providing mentorship in SPL and best practices.
- Maintain documentation including SOPs technical designs and architecture references.
- Monitor Splunk infrastructure health and contribute to proactive capacity planning.
- Participate in team meetings planning sessions and technical reviews.
Required Skills and Experience
- 3 years of hands-on Splunk administration experience in enterprise environments.
- Strong Linux command line experience; familiarity with Windows and Unix system administration.
- Experience with Splunk ES CIM and advanced search/reporting commands.
- Knowledge of log ingestion methods normalization and baselining techniques.
- Experience with regular expressions (regex) for field extractions and data parsing.
- Familiarity with security technologies such as endpoint protection IDS/IPS firewalls and vulnerability management.
- Strong troubleshooting skills across distributed IT infrastructures.
- Excellent interpersonal and communication skills (verbal and written).
Required Certification
- CompTIA Security or higher certification (e.g. CISSP CISM).
Highly Desired Skills
- Experience in a Security Operations Center (SOC) environment.
- Experience with data modeling use case development and alert tuning.
- Familiarity with NIST and federal cybersecurity frameworks (e.g. FISMA OMB FedRAMP).
- Experience with other SIEM tools (e.g. ELK Azure Sentinel).
- Splunk Certified Administrator certification preferred.
Education
- Bachelors degree in Cybersecurity Computer Science Information Systems Engineering or related discipline; OR 7 years of relevant IT experience.
Clearance Requirement
- Must be eligible for a Public Trust.
If you feel you are qualified and want to be considered for this position please supply the following to:
and please put the job number 6863 in the subject line:
- Updated resume including MM/YYYY for each employer.
- Best times/dates to interview (plus phone # you can best be contacted at).
- Availability to start once given formal offers.
Summit Technologies Inc. appreciates your interest. We will contact the best matching prospects and will consider you for future opportunities. We will not submit your resume without your prior knowledge and consent. We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race color religion gender sexual orientation gender identity national origin disability or veteran status.
Required Experience:
Unclear Seniority
Employment Type
Full Time
