Splunk Engineer with TS Clearance

Qualification Requirements

• Splunk Architect Certification
• Experience designing and implementing ground up distributed Splunk installations including all Splunk server roles (Search Head, Indexers, Heavy Forwarders and Universal Forwarders, etc.)
• Experience with advanced configuration of Splunk including Indexer Clustering and Search Head Clustering.
• Experience maintaining and administering enterprise Splunk implementations.
• Experience developing custom Splunk content including scheduled searches, reports, dashboards, etc.
• Proficient at data on-boarding activities including custom parsing rules, custom Technology Add-On building according to Splunk's Common Information Model (CIM).
• Experience configuring indexes, index routing, retention policies, etc.
• Experience working in linux and windows environments, ability to configure:
• Storage subsystems (I.e. partitioning, Volume Groups, Logical Volumes, etc.)
• SELinux
• Familiarity with different flavors of Linux distros (RedHat, CentOS, Ubuntu, etc.)
• File Permission Settings (linux/windows)
• Excellent written and oral skills, ability to work closely with multiple customers, manage expectations, and track engagement scope.

Preferred Qualifications

• Splunk Core Consultant Certification
• Splunk Enterprise Security Implementation Certification
• Splunk IT Service Intelligence certification
• Understanding of Syslog daemon configuration principles, ideally in Syslog-NG and RSyslog configurations.
• Cloud experience (AWS, Azure, etc.)
• Development and API experience (Python, Perl, XML)
• SaltStack, Ansible, and other enterprise automation tool experience.
• Hardware experience and storage experience (SAN, NAS, etc.)