Job Summary

What You'll Do

• Manage multiple assignments, changing priorities, and work independently with little oversight
• Build, implement, and administer Splunk in Windows and Linux environments
• Work with existing and custom Splunk applications and add-ons to fulfill customer needs
• Provide operations and maintenance support for a distributed Splunk environment consisting of heavy forwarders, indexers, and search head servers, spanning security, performance, and operational roles
• Editing and maintaining Splunk configuration files and apps
• Onboard data to Splunk via forwarder, scripted inputs, TCP/UDP, and modular inputs from a variety of sources.
• Provider operational support for Splunk Universal Forwarder on Linux and Windows endpoints
• Manage, and support automation solutions for Splunk deployment and orchestration in on-premise.

Who You Are

• You are deeply passionate about information security and boast a versatile background in business, technology, and security. Your strong critical thinking and analytical skills set you apart. You also possess the following qualifications:

• Bachelor’s degree in Computer Science, Engineering, or a related field and a minimum of four (4) years of experience in system administration, database administration, network engineering, software engineering, or software development, with a concentration in Cybersecurity
• Two (2) years of experience with Splunk in distributed deployments
• At least two certification: Splunk Certified in Admin or ES Administration.
• Excellent written and oral skills, ability to work closely with multiple customers, manage expectations and track engagement scope
• Experience with Splunk Enterprise Security or integration with other Security Information and Event Management (SIEM) platforms
• Proficient at data on-boarding activities including routing, parsing, and normalizing events to the Splunk Common Information Model (CIM)
• Proficiency onboarding data using Splunk developed add-ons for Windows, Linux, and common third-party devices and applications
• Experience onboarding data into Splunk via forwarder, scripted inputs, TCP/UDP, and modular inputs from a variety of sources
• Proficiency managing Splunk using the Splunk command-line interface
• Proficiency managing Splunk using configuration files
• Experience collaborating with separate engineering teams to configure data sources for Splunk integration
• Proficiency implementing and onboarding data in Splunk
• Experience with Splunk performing systems administration, including performing installation, configuration, monitoring system performance and availability, upgrades, and troubleshooting
• General networking and security troubleshooting (firewalls, routing, NAT, etc.)
• Splunk implementation and troubleshooting experience
• Experience in managing, maintaining, and administering multi-site indexer cluster
• Proficiency developing log ingestion and aggregation strategies per Splunk best practices
• Perform integration activities to configure, connect, and pull data with 3rd party software APIs
• Proficient in regular expressions
• Ability to autonomously prioritize and successfully deliver across a portfolio of projects
• Ability to Script and use Ansible and/or Teraform

• Experience working in Azure
• Experience with CRIBL
• Experience with large DB analysis/customization/tagging
• Experience with GitLab or GitHub or other version control system
• Scripting and development skills (Bash, Python, and PowerShell)

• 401(k) matching
• Dental insurance
• Flexible schedule
• Health insurance
• Paid time off
• Professional development assistance
• Vision insurance
• Maternity/Paternity Leave
• But wait there’s even more

• Competitive compensation structure - We believe in above-average compensation for our above-average team members.
• Generous time off - Our team enjoys extensive PTO/Vacation, plus paid holidays and maternity/paternity leave for new parents.
• Healthcare - We have you covered. Health, vision, dental and life plans, for you and your family. See our benefits above.
• Grow with us - We offer our team every chance to learn and grow their skills while helping shape the future of our company.