Title: Splunk Engineer
Location: Washington D.C. - Hybrid Remote
Citizenship/Clearance Requirement: US Citizen with a Secret Clearance
-Serve as a subject matter expert (SME) to use Splunk as part of a department-wide effort to achieve efficiencies and orchestration across various Splunk deployments (silos) into a more unified architecture and operational security capability.
-Quickly learn and assimilate the complicated set of Splunk system owners, capabilities, data types, indexes, data repositories, and consumers across multiple organizational components.
-Analyze existing ingested data to respond to evolving business, IT, and security functions.
-Serve as a Splunk technical engineer to implement requirements and assist with devising a new, to-be architecture to satisfy Department-level requirements.
-Use your in-depth knowledge of Splunk on-premises and cloud deployments to assist with identifying the most effective and efficient way to deploy Splunk capabilities (e.g., search heads, forwarders, indexers) to achieve desired outcomes.
-Inventory and assess data sources and inputs and ensure this data is prioritized and properly formatted for Splunk ingest and report generation.
-Turn data into action with intelligent analytics and clear insights. Define raw input requirements to support data models as well as final outputs required to ensure Department personnel can assess the security status of computing systems and produce readable, understandable summary reporting.
-Utilize Splunk to develop data requirements, data catalog(s), data descriptions, data sources, and data formatting to ensure that security controls can be measured and managed across on-premises and cloud IT services.
-Develop dashboarding or other automated data presentation designs.
-Interact with team members to integrate and migrate customers into a centralized Enterprise Splunk instance.
You Will Bring These Qualifications:
-Minimum seven (7) years of experience with the Splunk environment, including Splunk's unique investigative approach to data analysis.
-Experience with on-premises and cloud (MSSP) Splunk system deployments and the pros/cons of each approach.
-Experience in using Splunk for data collection, formatting, presentation, and preservation.
-Strong experience in Splunk for ingest of data across a variety of applications and users.
-Working in large enterprise environments leveraging clustering technologies and multiple Splunk instances.
-Experience in the presentation of data requirements, solutions, and outputs to system owners and executive leadership.
-Ability to capture high-level technical information in a clear, concise manner.
-Strong communication skills to understand and communicate data scope, breadth, and depth.
-Ability to think creatively and adapt creative thinking to what works for the organization.
-Splunk Certifications, Splunk Enterprise Certified Administrator or Splunk Enterprise Certified Architect.
Educational Requirements: -Bachelor's degree or higher in a relevant field, such as Cybersecurity, IT Systems, Software Engineering, Network Engineering, or a related field of study.
Certification Requirements: None
Preferred Skills: N/A
Arena Technical Resources, LLC, (ATR) is an Equal Opportunity Employer (EOE) who will provide equal employment opportunity to employees and applicants for employment without regard to race, ethnicity, religion, color, sex, pregnancy, national origin, age, veteran status, ancestry, sexual orientation, gender identity or expression, marital status, family structure, genetic information, or mental or physical disability.