Splunk Core Consultant
Ashburn, VA, US
Applications have closed
RavenTek
Discover the RavenTek difference. We bring together the world’s leading innovators and problem solvers to deliver agile solutions & services.Description
Job Title: Splunk Core Consultant
Department: Operations – Bench
Reports To: RavenTek Program Manager
Location: Ashburn, VA with Flexibility for Telework
Schedule: Monday - Friday
Hours: Full-time, 40-hours/week
FLSA Status: Exempt
Position Summary
The Splunk Core Consultant is responsible for the design, development, and implementation of the Splunk
infrastructure, as well as supporting operations activities as the Splunk environment continues to
go through revisions to meet requirements. In addition, the Splunk Core Consultant participates in the change of platforms from on prem to a cloud-based environment. The Splunk Core Consultant designs and executes these changes to implement the future state of Splunk for the client. They work closely with the data acquisition team, the business teams, and the executive management on the government side to provide comprehensive architecture solutions to meet the client's requirements and future needs.
Requirements
Essential Duties and Responsibilities
- Design and implement Splunk infrastructure as per customer requirements
- Perform daily, weekly, and monthly maintenance items for customer environments as required
- Create and maintain Splunk dashboards as per customer requirements
- Perform Splunk tuning for all associated Splunk environments
- Onboard Splunk data sources and TAs
- Enter actual time worked, once complete, at the end of the day, or no later than 10:00 a.m. the following workday, and submit timesheets at the end of each pay period
- Submit MSRs (weekly, monthly, etc.)
- Monitor RavenTek email on a regular basis, at least 2 times per week, and respond accordingly
- Complete required compliance training as assigned
- Other duties as assigned
Qualifications, Knowledge, and Critical Skills
- Strong communication skills
- Ability to collaborate and work efficiently and effectively in both remote and in person interactions with the customer
- Strong interpersonal skills to advise on best practices while balancing the customer expectation on mission outcomes
- Experience with and very comfortable working in an agile environment
Education & Work Experience
- Bachelor’s degree and 6 years of experience or 8 years of related experience in lieu of
- Experience as a Splunk SME
- Experience in Data science and Cybersecurity
- Experience designing, building, maintaining, large Splunk infrastructures
- Expert Splunk application and dashboard developer using complex data searches
- Experience optimizing applications to reduce impact on resources
- Experience with Splunk administration, configuration, tuning large environments
- Experience with data onboarding, Splunk TAs
- Experience managing complex data, specifically managing role-based access control, configuring roles, and designing data onboarding to support current and future roles
- Experience with Regex and custom scripting
- Expertise in Splunk SPL and Python
- Extensive experience with Enterprise Security (ES) including source data deduplication and US Government logging requirements
- Experience with Splunk Premium Apps – ITSI preferred but not required
- Experience with Splunk ML toolkit and Splunk SOAR
Certifications, Licenses
- Splunk Certified Architect
- Splunk Core Certified Consultant
Special Requirements
Top Secret preferred or a Secret with the ability to upgrade to a Top Secret
Work Environment
When working on-site, employees will be working indoors in an office environment with other people. Potential moderate temperature fluctuations. Typical indoor and computer related noise level, and typical office, paper, and equipment related dust. Exposure to video display terminals occurs regularly.
Physical Demands
Employee needs to be able to sit at a workstation for extended periods; use hand(s) to handle or feel objects, tools, or controls; reach with hands and arms; see, talk and hear. Most positions require ability to work on desktop or laptop computer for extended periods of time reading, reviewing/analyzing information, and providing recommendations, summaries and/or reports in written format. Employee may be required to occasionally lift and/or move moderate to heavy amounts of weight, typically more than 40 pounds when racking equipment. Regular and predictable attendance is essential.
ADA: RavenTek will make reasonable accommodations in compliance with the Americans with Disabilities Act of 1990.
EEO/AA: RavenTek does not discriminate based on race, color, national origin, sex, religion, age, disability, sexual orientation, gender identity, veteran status, height, weight, or marital status in employment or the provision of services and is an equal access/equal opportunity/affirmative action employer.
This job description is not intended to be an all-inclusive list of duties and standards of the position and will be reviewed periodically as duties and responsibilities change with business necessity. Essential job functions are subject to modification. Incumbents will follow any other instructions, and perform any other related duties, as assigned by their supervisor.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Cloud Compliance Python Scripting SOAR Splunk Top Secret
Perks/benefits: Gear Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.