Splunk Subject Matter Expert

Full Time, Contract W2, Contract Independent, Contract Corp-To-Corp
DOE, very competitiv
Work from home not available Travel not required

Job Description

CyberData Technologies, Inc., an established technology solution provider based in Herndon, Virginia, is looking to expand its growing team. We are an industry leader in data warehousing and business intelligence for both government and commercial clients. CyberData ranked 30th Fastest Growing Federal Contractors in Washington Technology Fast 50, and is an Inc. 500 company.  Our employees are our greatest asset and we are committed to their professional development and growth. We provide competitive salaries, bonuses, generous benefit packages, and paid time off to balance work and personal commitments.


We are currently seeking Splunk Subject Matter Expert – Level III to support our Federal client in Rockville, Maryland.  


Job Location: Rockville, Maryland walking distance to Metro.


Job Duties:

  • Administer a complex Splunk infrastructure made up of 32+ servers.
  • Administer Splunk premium apps such as Enterprise Security and IT Service Intelligence.
  • Integrate various tools with Splunk to support automation.
  • Participate in the HRSA Splunk Center of Excellence and provide support to customers and stakeholders.
  • Provide assistance to customers and stakeholders for searches, reports, and dashboards.
  • Perform data onboarding activities.
  • Perform user onboarding activities.
  • Continually monitor and assess data accuracy in Splunk.
  • Perform Splunk App/add-on development.
  • Implement Splunk changes based on the HRSA’s Splunk Center of Excellence change management procedures.
  • Document various Splunk processes, procedures, and workflows.
  • Work closely with the Federal Splunk SME to perform other Splunk related tasks.
  • Work closely with SOC personnel to implement custom integrations and developments in Splunk.
  • Provide recommendations and suggestions for tool and process improvement to Federal Splunk SME.
  • Build and maintain Splunk searches, reports, and dashboards to monitor HRSA information system assets for cyber intrusions, anomalies, and threats.
  • Continually review existing Splunk correlation searches, reports, and dashboards for data accuracy and tweak.
  • Work with other teams within the SOC to gather requirements for monitoring assets using Splunk, develop reports and dashboards based on gathered requirements.


Job Requirements:

  • Bachelor degree in Computer Science or Information Technology related major
  • Minimum 5 years of experience administering a complex Splunk architecture including load balancers, multi-site configurations, clustered search heads, etc.
  • Minimum 3 years using Splunk in a security operations center environment.
  • Experience administering Splunk premium apps in a clustered environment, such as Enterprise Security and Splunk ITSI.
  • Experience with change management processes in Splunk and using BitBucket, GitHub, and/or JIRA to track changes in a complex Splunk environment.
  • Experience meeting with customers to understand complex applications and collect realistic monitoring requirements.
  • Experience onboarding relevant customer data using the Splunk CIM.
  • Experience building Splunk technology add-ons to quickly onboard custom data.
  • Extensive regex experience in Splunk.
  • Experience creating relevant reports/dashboards in a security operations center environment.
  • Experience with integrating various cyber security tools with Splunk.
  • Experience with using Splunk in security automation workflows.
  • Experience with advanced dashboard building and advanced searching.
  • Scripting language experience, such as Python, JavaScript, Splunk SDK, Splunk add-on builder, etc.
  • Effective oral communication skills, effective presentation skills, effective listening skills, ability to resolve issues, effective written material, logical organization, readability and conciseness.
  • Expertise in Splunk Core and Splunk Enterprise Security (SIEM)
  • Federal Government Contracting experiences is required and HHS experience is a plus.
  • Citizen and Permanent Resident Only


 Please submit your resume in Word format with salary requirement to jobs@cyberdatainc.com.  Principals only: NO 3rd PARTY, no employment agencies. No telephone calls please.


CyberData is an equal opportunity employer

CyberData Technologies, Inc.

Posted By

455 Springpark Place, Suite 300

Dice Id : RTX146efa
Position Id : CYBSSME201811A
Originally Posted : 1 year ago
Have a Job? Post it

Similar Positions

Splunk Admin with ITSI
  • KMM Technologies, Inc
  • Reston, VA
Splunk SME/Splunk Engineer
  • Base One Technologies
  • Washington, DC
Splunk Developer
  • Rite International Group, Inc
  • Reston, VA
Splunk Engineer
  • Deloitte
  • Arlington, VA
Splunk Engineer / Architect
  • Eliassen Group
  • Bowie, MD
Splunk SME
  • The Squires Group, Inc
  • Reston, VA
Splunk Engineer
  • Piper Companies
  • Fairfax, VA
Splunk Lead/Architect Certified Consultant
  • Rapid External Solutions Inc (R-E-S)
  • Mclean, VA
Splunk Engineer- Mid Level
  • Leidos
  • Alexandria, VA
Splunk Engineer
  • Technogen, Inc.
  • Mclean, VA
Splunk Developer
  • Vortalsoft Inc
  • Mclean, VA