Sr Splunk Enterprise Architect - on site

Job Title: Splunk Enterprise Architect - on site
3-6 months
Miami, FL USA

*** MUST HAVE SECRET CLEARANCE***
Job Summary
We are seeking a highly skilled Splunk Enterprise Architect to help lead the end-to-end deployment, configuration, and operationalization of Splunk ES in support of our growing cybersecurity program. This individual will be responsible for onboarding data sources, tuning correlation searches, customizing security content, and enabling actionable security insights across the organization.
MUST HAVE SECRET CLEARANCE
Splunk Architect
Description:

• Ability to fulfill Splunk admin role as well as architect
  
• Fully design and architect a Splunk enterprise environment
  
• Experience with multi-site clustering Architecture and deployment
  
• Experience designing multi-site clustering
  
• Experience and knowledge of Splunk validated designs
  
• Experience with large Splunk deployments 30+TB
  
• Experience with on-prem and cloud architectures
  
• Experience with ingest vs SVC vs forecasting (predictive) licensing
  
• Understanding SVC cloud models
  
• Firm understanding of search, indexer and forwarding tiers
  
• Working knowledge of smartstore vs traditional frameworks
  
• Working knowledge of architecting Splunk for performance
  
• Understanding Splunk cloud SaaS vs hybrid models
  
• Experience with maximizing traffic flows to Splunk on-prem and cloud
  
• Ability to create custom parsers
  
• Working knowledge of Splunk knowledge objects
  
• Ability to deploy HA for Cluster Managers and indexer clusters
  
• Ability to deploy HA for Deployment Servers
  
• Experience with Search head clustering
  
• Understanding of site0
  
• Understanding of search affinity
  
• Understanding of cluster management
  
• Understanding of SF/RF, single and multisite
  
• Ability to follow through on projects
  

Value add:

• ES and ITSI experience
  
• Scripting experience
  
• Large enterprise deployments
  
• Willing to travel
  
• Willing work on a team
  
• Leadership and extreme ownership skills when taking on a project
  
• Documentation and capacity planning skills
  
• Splunk architect certification
  
• Security background
  
• Understanding of cloud computing concepts
  
• Understanding of observability
  

Qualifications:

• 8+ years experience with deploying large enterprise Splunk architectures
  
• Experience with planning large Splunk deployments
  
• Experience with documenting large Splunk deployments
  
• Experience with designing and architecting large Splunk deployments
  
• Good oral and written skills
  
• Good presentation skills