CyberData Technologies, Inc., an established technology solution provider based in Herndon, Virginia, is looking to expand its growing team. We are an industry leader in data warehousing and business intelligence for both government and commercial clients. CyberData ranked 30th among the Fastest Growing Federal Contractors in the Washington Technology Fast 50 and is an Inc. 500 company. Our employees are our greatest asset and we are committed to their professional development and growth. We provide competitive salaries, bonuses, generous benefit packages, and paid time off to balance work and personal commitments.
We are currently seeking a Splunk Subject Matter Expert – Level III to support our Federal client in Rockville, Maryland.
Job Location: Rockville, Maryland, within walking distance of Metro.
- Administer a complex Splunk infrastructure made up of 32+ servers.
- Administer Splunk premium apps such as Enterprise Security and IT Service Intelligence.
- Integrate various tools with Splunk to support automation.
- Participate in the HRSA Splunk Center of Excellence and provide support to customers and stakeholders.
- Provide assistance to customers and stakeholders for searches, reports, and dashboards.
- Perform data onboarding activities.
- Perform user onboarding activities.
- Continually monitor and assess data accuracy in Splunk.
- Perform Splunk App/add-on development.
- Implement Splunk changes based on the HRSA’s Splunk Center of Excellence change management procedures.
- Document various Splunk processes, procedures, and workflows.
- Work closely with the Federal Splunk SME to perform other Splunk related tasks.
- Work closely with SOC personnel to implement custom integrations and developments in Splunk.
- Provide recommendations and suggestions for tool and process improvement to Federal Splunk SME.
- Build and maintain Splunk searches, reports, and dashboards to monitor HRSA information system assets for cyber intrusions, anomalies, and threats.
- Continually review existing Splunk correlation searches, reports, and dashboards for data accuracy and tweak them as needed.
- Work with other teams within the SOC to gather requirements for monitoring assets using Splunk, and develop reports and dashboards based on the gathered requirements.
- Bachelor's degree in a Computer Science or Information Technology related major.
- Minimum 5 years of experience administering a complex Splunk architecture including load balancers, multi-site configurations, clustered search heads, etc.
- Minimum 3 years using Splunk in a security operations center environment.
- Experience administering Splunk premium apps in a clustered environment, such as Enterprise Security and Splunk ITSI.
- Experience with change management processes in Splunk and using BitBucket, GitHub, and/or JIRA to track changes in a complex Splunk environment.
- Experience meeting with customers to understand complex applications and collect realistic monitoring requirements.
- Experience onboarding relevant customer data using the Splunk CIM.
- Experience building Splunk technology add-ons to quickly onboard custom data.
- Extensive regex experience in Splunk.
- Experience creating relevant reports/dashboards in a security operations center environment.
- Experience with integrating various cyber security tools with Splunk.
- Experience with using Splunk in security automation workflows.
- Experience with advanced dashboard building and advanced searching.
- Effective oral communication skills, effective presentation skills, effective listening skills, ability to resolve issues, effective written material, logical organization, readability and conciseness.
- Expertise in Splunk Core and Splunk Enterprise Security (SIEM)
- Federal Government Contracting experience is required and HHS experience is a plus.
- Citizen and Permanent Resident Only
Please submit your resume in Word format with salary requirement to email@example.com. Principals only: NO 3rd PARTY, no employment agencies. No telephone calls please.
CyberData is an equal opportunity employer
CyberData Technologies, Inc.