
DATE ADDED: Mon 24/09/2018

Splunk Engineer

Washington, USA


Job Description


The selected candidate will assist and contribute to the engineering and implementation support for a large distributed multi-site Splunk environment consisting of heavy forwarders, universal forwarders, clustered indexers, multiple search head clusters, and Enterprise Security search heads. The Splunk engineer should be familiar with the Splunk front end (management, configuration, and dashboard creation) along with the Splunk back end (infrastructure, management, troubleshooting, etc.) of the various Splunk tiers (forwarding, indexing and search) and the host operating system. The Splunk engineer should be experienced in configuring, troubleshooting, deploying, and maintaining Splunk technical add-ons (TA) and Splunk apps.

The candidate should be able to onboard common data sources into Splunk, develop efficient SPL searches, and build dashboards for analysts and/or management. The Splunk candidate should be familiar and experienced with regex queries to perform field extractions, line breaking, etc. The Splunk engineer should be experienced and comfortable running, managing, and troubleshooting Splunk in a Linux environment. The engineer should also be knowledgeable about, and have previous hands-on experience with, Linux operating systems (familiarity with SELinux, filesystem ACLs, standard OS logs, etc.) to be able to perform troubleshooting at the OS level.



  • A minimum of a Bachelor’s degree coupled with 5+ years’ experience in the Information Technology area.
  • Completed Splunk training
  • Ability to demonstrate proficiency in writing SPL
  • 2+ years of experience in a Splunk role managing a distributed environment
  • 2+ years of experience in managing and troubleshooting Linux
  • Working knowledge of regular expressions
  • ITIL Change & Configuration Management
  • NIST controls


  • RHCS, Linux+, server+
  • Splunk Power User/Splunk Admin/Splunk Architect
  • Experience with scripting (Bash, Python, Perl)
  • Familiar with Splunk application development
  • Ansible playbook development
  • Experience with configuration management using code repositories (GitLab, GitHub, Git, etc.)
  • Experience with cyber security operations and SIEM solutions
  • Active Secret Clearance; must have a current background investigation (BI) or obtain a favorable BI before joining the program.



  • RedHat: RHCA, RHCE
  • Linux+, server+
  • Splunk Power User/Splunk Admin/Splunk Architect
  • SANS: GCWN - Windows Security Administrator, GISF - Security Fundamentals, GSSP - Secure Software Programmer, GICSP - Cyber Security Professional
  • Carnegie Mellon University: SEI (Software Engineering Institute)
  • ISC2: CCSP - Certified Cloud Security Professional, CISSP - Certified Information Systems Security, CSSLP - Certified Secure Software Lifecycle Professional, SSCP - Systems Security Certified Practitioner
  • CISCO: CCNP, CCIE Security
  • EC-Council: ENSA - EC-Council Certified Incident Handler, ECSP - EC-Council certified Secure Programmer
  • Microsoft: MCSE - Microsoft Certified Solutions Expert
  • VMWare: VCA (Certified Associate), VCP (Certified Professional), VCAP (Certified Advanced Professional), VCIX (Implementation Expert), VCDX (Certified Design Expert)
  • NetApp: Converged Infrastructure Specialist, Certified Implementation Engineer Specialist, Certified Data Administrator Professional, Certified Storage Associate


Company Description
CS is a small business specializing in providing cyber security and IT infrastructure services to the Federal government.

Role: Splunk Engineer
Job Type:
Location: Washington,
