Splunk Developer

Evolver Federal is looking for a Splunk Developer ­to join our team supporting our supporting our government client. The individual will provide engineering support for IT solutions supporting our Federal client's Continuous Monitoring Program. Leveraging existing enterprise instances, the Splunk Developer will develop and maintain a suite of tools including but not limited to Splunk Dashboards integrating existing and new data sources, Application Program Interface (API) connections with external systems, and further implement automation within the tool suite.

The Splunk Developer will also advise on methods to further evolve the automation strategy to support the client's Continuous Monitoring Program including, but not limited to, identifying opportunities for further automation to reduce manual processing, articulating the associated business case, implementing related solutions and advising on additional tools to further the client's automation strategy. The Splunk Developer will partner with Federal security tools and infrastructure management teams to administer and manage the client's application of enterprise toolsets to facilitate data ingestion, analysis, correlation, and visualizations.

Although the individual is not responsible for maintaining ownership nor overall Administrator responsibility of the enterprise security tools implemented within the client environment, they will be responsible for optimizing and maintaining the client's inputs into the enterprise security tools to support the client's Continuous Monitoring Program.

Responsibilities

• Design, develop, engineer, and implement solutions to support the client's Continuous Monitoring Program using Splunk and any other datasets and toolsets available in the client's environment.
• Design and implement functional requirements for new and existing Splunk Dashboards, consolidating data from multiple data sources internal and external to Splunk.
• Interface with Enterprise Splunk Engineering Team to share lessons learned, coordinate on data sources and data integrity, and provide availability and integrity requirements to support the Continuous Monitoring Program.
• Identify and document authoritative data sources.
• Document and execute manual data refresh procedures.
• Execute incremental and full back up procedures at pre-determined intervals.
• Participate in requirements gathering, solutions architecting, design and build of technology solutions to support the client's Continuous Monitoring Program.
• Integrate automation into the application and systems monitoring processes.
• Assist with data enrichment to improve reporting, search and dashboard capabilities.
• Evaluate enterprise security risks and identify recommendations for maturing and evolving the client's Continuous Monitoring Program to facilitate proactive identification and mitigation of risk.
• Ensure the accuracy and availability of the Continuous Monitoring Dashboards, including lookup tables, are up-to-date and operating as intended.
• Establish, maintain, and monitor the execution of scheduled jobs used to populate data within the Splunk Dashboards.
• Identify and implement new Splunk dashboards that provide the Continuous Monitoring program and Information System Security Officers with increased visibility into the risk present in government systems.
• Integrate and manage APIs with authoritative data sources.
• Develop, manage, and maintain scripts used for data ingestion.
• Act as a liaison with other Branches within the client's organization to eliminate duplication of efforts and align strategic direction of tool suites to facilitate the goals of the Continuous Monitoring Program.
• Oversee automated data feeds and manual data refresh activities, ensuring documented procedures are maintained and staff are executing internal procedures according to the documented SOPs.
• Oversee and maintain backup repository of all queries and code necessary to reinstate technical toolset to support the Continuous Monitoring Program if/as necessary.
• Implement automated alerts in Splunk, or similar tools.

Basic Qualifications

• Bachelor's Degree in Information Technology or related field or 10 years of overall experience.
• 5 years of experience building dashboards, writing code, and using Splunk Enterprise v 7.3 and higher
• 3 years of experience using tenable.io, Nexus IQ Server, CloudCheckr, PrismaCloud.
• 3 years of experience with GitHub and/or JIRA/ Confluence preferred.
• 3 years of experience developing, maintaining, administering, and/or evaluating cloud solutions in AWS East/ West, MS Azure GovCloud, MS Office 365, and/or Google Services.
• Must be a US Citizen with suitable eligibility for Public Trust position.

Preferred Qualifications

• Previous experience supporting Department of Homeland Security federal clients preferred.
• Experience implementing automated solutions using Swimlane SOAR or similar tool, preferred.
• Ability to comprehend supporting processes of the client's Continuous Monitoring Program and advise on ways to incorporate automation.
• Familiar with NIST SP 800-37 Risk Management Framework.
• Works well independently and as part of a team.
• Possesses a solid understanding of cyber security concepts.
• Perform other duties as assigned by the Government.
• Ability to work efficiently and effectively in a dynamic and fast-paced environment.
• Ability to clearly communicate complex technical concepts to Information Technology Project Managers, Database Administrators, Application Developers, and Security Compliance Analysts, as well as non-technical POCs such as Branch Chiefs and Business System Owners.
• Executes peer code reviews
• Ability to communicate clearly and effectively via written and verbal communication in both formal and informal situations.
• Splunk certification such as Splunk Core Certified Power User, Splunk SOAR Certified Automation Developer, or similar preferred, but not required.

Evolver Federal is an equal opportunity employer and welcomes all job seekers. It is the policy of Evolver Federal not to discriminate based on race, color, ancestry, religion, gender, age, national origin, gender identity or expression, sexual orientation, genetic factors, pregnancy, physical or mental disability, military/veteran status, or any other factor protected by law.

Actual salary will depend on factors such as skills, qualifications, experience, market and work location. Evolver Federal offers competitive benefits, including health, dental and vision insurance, 401(k), flexible spending account, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies.