Splunk Analyst

29 Jul 2022

Topologe, LLC is a growing small business with its headquarters located in Washington, DC. It is a certified Small Disadvantaged Business. Topologe provides Software Engineering, Systems engineering, AI/Machine Learning, IT Infrastructure, Help Desk, Information Assurance, Project Management and Network Engineering Services. Topologe supports multiple DoD clients to include the U.S. Air Force, U.S. Army Corps of Engineers, Federal Aviation Administration, Dept of Interior Fish and Wildlife Service, among others. Topologe is also a prime contractor for multiple Indefinite Delivery Indefinite Quantity (IDIQ) contracts to include GSA IT 70, GSA OASIS (sub), FAA eFAST, etc.

Description of Work
  • Review existing data onboarding procedures and index usage and provide a Splunk readiness assessment prior to installation and configuration. Review the infrastructure, customer-documented requirements, and resource availability
  • Review company data onboarding configurations and align them to best practices, including splitting data into individual events and multi-line merge settings, parsing of dates/timestamps, and truncation of long events, with recommendations based on the Splunk Common Information Model where possible
  • Experience with lightweight directory access protocol (LDAP)
  • Create Splunk dashboards and queries such as reports, searches, alerts, and other knowledge objects
  • Familiarity with Splunk architecture and various components (indexer, forwarder, search head, deployment server)
  • Generate Splunk Search Processing Language (SPL) queries and reports, construct dashboards using XML and custom navigation, and test Splunk search strings and operational strings
  • Configure and automate Splunk configuration files. This task may include configuring Splunk settings related to sending data out of Splunk during ingest and verifying forwarding settings with a test set of data. Configure Splunk to send data to a non-Splunk system
  • Maintain Splunk index settings
  • Work with the Splunk team to resolve ongoing issues in our Splunk environment
  • Work on large datasets to generate insights and communicate insights to guide strategic roadmap

Required Qualifications
  • Bachelor’s degree and 5 years of experience, Master's degree and 3 years of experience, or 7 years of experience in lieu of a degree
  • At least 3 years of experience using:
    • Splunk, specifically Splunk scripting and on-boarding of large collection of metadata from different sources into Splunk
  • At least 3 years of experience with:
    • In-depth knowledge of designing, upgrading, maintaining, and implementing network devices on a large-scale enterprise
    • Coordination and communication with other remotely deployed team members
    • Developing documentation with processes and procedures
    • Proposing and implementing automation features in a large enterprise environment
  • Minimum of 3 years of experience in developing and tailoring reporting from network security tools.
  • Must be able to obtain and maintain a US Public Trust clearance

Desired Qualifications
  • Have completed at least one Splunk Certification. At minimum, the candidate must have Splunk Core Certified Power User certification. Splunk Admin or Architect Level Certifications are preferred.
  • Prior experience supporting government agencies a plus
  • Understanding of business processes supporting IT programs, networks, and/or cybersecurity programs
  • Understanding of network technologies, workflows, IT reporting, etc.
  • Must be a self-starter, position is remote from the other team members
  • Must communicate clearly to team members, be comfortable with coordination, collaboration and communication when performing network activities

What We Offer:
  • Multiple Medical/Dental/Vision insurance options
  • 401(k) Retirement Plan w/ matching
  • Short Term and Long Term Insurance
  • 11 Paid Holidays
  • 3 weeks PTO
  • Flexible Spending Account
We provide a comprehensive benefits package, including medical, dental, and vision insurance; paid time off and holidays; a flexible spending account; a 401(k) retirement plan with matching; Life insurance, short-term/long-term Disability insurance and more.

  • ID: #44466379
  • State: Colorado Lakewood 80123 Lakewood USA
  • City: Lakewood
  • Salary: Depends on Experience
  • Job type: Permanent
  • Showed: 2022-07-29
  • Deadline: 2022-09-06
  • Category: Et cetera