Senior Splunk Platform Engineer

Posted:
5/19/2024, 5:00:00 PM

Experience Level(s):
Senior

Field(s):
Software Engineering

Workplace Type:
Remote


Job Category: Information Technology

Time Type: Full time

Minimum Clearance Required to Start: None

Employee Type: Regular

Percentage of Travel Required: None

Type of Travel:

* * *

The CDM Data Services Program mission is to provide a standardized platform to collect, transform, and integrate cybersecurity data from relevant authoritative data sources into a coherent data, delivering actionable information into Agency and Federal Dashboards to identify risk areas in support of mitigation as well as to facilitate coordinated agency and national response to cyber-threats.  

This is a remote position where the candidate can work from any location within the United States, provided they are able to work on an Eastern Time Zone schedule.

What You’ll Get to Do:
We are seeking a highly skilled Senior Splunk Platform Engineer to support the Continuous Diagnostics and Mitigation (CDM) program at the Cybersecurity and Infrastructure Security Agency (CISA). The Senior Splunk Platform Engineer will lead the design, implementation, configuration, and optimization of Splunk solutions to enhance the cybersecurity posture of government networks. This role requires a deep understanding of Splunk, cybersecurity principles, and the ability to collaborate effectively with cross-functional teams to ensure the success of the CDM program.

More About the Role:

  • Review the design and architecture of Splunk solutions to support the CDM program's cybersecurity objectives at multiple Agencies.
  • Plan, design, and configure Splunk deployments to ensure efficient data migration to the new Integration Layer.
  • Collaborate with stakeholders to gather requirements and translate them into technical solutions leveraging Splunk's capabilities.
  • Ensure data stored in Splunk indices can be read by external data movement tools such as Cribl.
  • Create and manage API keys for external tools to programmatically query Splunk data.
  • Perform data onboarding, normalization, and enrichment to ensure high-quality and actionable data for security monitoring and analysis.
  • Stay up-to-date with the latest Splunk versions, features, and best practices to continuously enhance the effectiveness of the CDM program.
  • Perform troubleshooting, root cause analysis, and resolution of complex technical issues related to Splunk deployments during migration.
  • Conduct system performance monitoring and capacity planning to maintain the optimal operation of the to-be infrastructure.
  • Provide mentorship and technical guidance to junior team members, promoting knowledge sharing and skills development.


You’ll Bring These Qualifications:

  • Must be a US citizen and pass a background investigation.
  • Able to obtain and maintain a DHS Suitability/Entry on Duty (EOD)
  • Bachelor's degree in Computer Science, Information Technology, or a related field. Relevant industry certifications are a plus.
  • Proven experience as a Senior Splunk Engineer or in a similar role, preferably in cybersecurity or CDM deployments.
  • Expert-level knowledge of Splunk Enterprise and Splunk Enterprise Security, including architecture, installation, configuration, and administration.
  • Strong understanding of cybersecurity principles, threat intelligence, and incident response.
  • Knowledge of REST APIs including their methods and authentication techniques
  • Proficient in developing custom Splunk Technical Add-ons (TAs), dashboards, and reports using Splunk's Search Processing Language (SPL).
  • Hands-on experience integrating Splunk with various data sources, security tools, and SIEM platforms.
  • Ability to create complex search queries, correlation rules, and alerts to support security monitoring and analysis.
  • Familiarity with scripting languages such as Python, PowerShell, or Bash for automation and integration tasks.
  • Excellent problem-solving and troubleshooting skills, with the ability to analyze and resolve complex technical issues.
  • Strong communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams and stakeholders.
  • Proven record of delivering projects on time and within scope.
  • Self-motivated and able to work independently as well as part of a team in a fast-paced environment.
  • Demonstrated experience with continuous integration and software CM processes / tools (GIT, JIRA, Confluence, Puppet, Ansible)
  • Intermediate experience with shell scripting and Unix environments.
  • Intermediate knowledge of network design
  • Intermediate hands-on experience with Cribl or Kafka
  • Independently analyze problems and implement solutions.
  • Extensive experience with ELT and data integration from multiple disparate data sources and data formats.

These Qualifications Would be Nice to Have:

  • JIRA experience
  • Confluence

What We Can Offer You:


- We’ve been named a Best Place to Work by the Washington Post.

- Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.

- We offer competitive benefits and learning and development opportunities.

- We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.

- For over 60 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.

Company Overview:

CACI is an Equal Opportunity/Affirmative Action Employer.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other protected characteristic.

Pay Range: There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.

Since this position can be worked in more than one location, the range shown is the national average for the position.

The proposed salary range for this position is:

$89,500-$188,000