Principal or Sr. Principal Splunk Administrator / SECRET / Wiesbaden, Germany

le contenu du travail

US CITIZENSHIP REQUIRED FOR THIS POSITION: Yes

RELOCATION ASSISTANCE: Relocation assistance may be available

CLEARANCE TYPE: Secret

TRAVEL: Yes, 10% of the Time

Description

Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the worlds leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly differentiated national security solutions and technologies that keep people safe and secure. Peraton serves as a valued partner to essential government agencies across the intelligence, space, cyber, defense, civilian, health, and state and local markets. Every day, our 22,000 employees do the cant be done, solving the most daunting challenges facing our customers.

Peraton is seeking a motivated Principal or Sr. Principal Splunk Administrator to join our team in support of the U.S. Army Regional Cyber Center - Europe (RCC-E) services contract in Wiesbaden, Germany . Candidates should have an active Secret or Top Secret/SCI clearance . The candidate should be capable of working as a team member to administer a Splunk multisite cluster running on a Linux platform. The candidate should also be capable of installation of a clustered Splunk deployment including the designing and modeling of administrative dashboards to monitor and troubleshoot the health and perform of the entire system.

Job Duties:

• Administer Splunk multisite cluster on multiple classification networks
• Architect clustered Splunk deployments
• Navigate within Linux to perform troubleshooting of the Splunk platform
• Troubleshoot, maintain, and enhance complex tools that support defensive cyber operations
• Establish, maintain, and enhance best practices and operational efficiencies of the Linux OS and supported applications
• Ensure uptime and performance for all supported systems

What You’ll Get to Do:

• Evaluate new technologies and make recommendations for integration into existing operations
• Monitor, troubleshoot and resolve server and service outages
• Work towards replacing legacy tools, applications, and platforms with new commercial or open source products
• Support system accreditation efforts by implementing DISA STIGs and maintaining compliant services through centralized management
• Ancillary duties may include setting up administrator and service accounts, maintaining system documentation, tuning system performance, installing system wide software and allocating mass storage space.

This requisition may be filled at a higher grade based on qualifications listed below.

Basic Qualifications for a Principal Splunk Administrator :

• Bachelors degree in Engineering, Computer Science, Science or Business Administration, or Mathematics plus 5 years of specialized experience OR an Associates degree plus 7 years of specialized experience OR a major certification plus 7 years of specialized experience OR 11 years of specialized experience
• Three (3) years of Splunk administrative experience with the capability to operate without supervision to perform daily troubleshooting of application errors, user issues, license issues, etc.
• Experience supporting multisite architecture
• Write and maintain custom TAs used to parse and normalize disparate data sets
• Strong understanding of Data Models and CIM compliance
• Ability to write and troubleshoot complex REGEX
• Organize and orchestrate data set cutovers with impacted users and parties
• Provide advanced SPL support to various content owners and knowledge mangers
• Knowledge of SAML authentication
• Familiarity with Kafka Connect, HEC, and Syslog
• Create and maintain administrative dashboards
• Splunk Enterprise Certified Administrator
• Must have an active Secret clearance and be DoD 8570 IAT III certified (CASP+, CCNP Security, CISA, CISSP, GCED, GCIH, CCSP) OR have an active TS/SCI and be DoD 8570 IAT II certified (CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP)

Preferred Qualifications:

• Splunk Enterprise Security Certified Administrator
• Experience with Splunk Stream
• Experience in Linux Shell scripting or Go
• Experience with VScode
• Experience with Git, Gitlab, Github, and other project configuration management skills

Basic Qualifications for a Sr. Principal Splunk Administrator :

• Bachelors degree in Engineering, Computer Science, Science or Business Administration, or Mathematics plus 9 years of specialized experience OR an Associates degree plus 7 years of specialized experience OR a major certification plus 7 years of specialized experience OR 11 years of specialized experience
• Three (3) years of Splunk administrative experience with the capability to operate without supervision to perform daily troubleshooting of application errors, user issues, license issues, etc.
• Experience supporting multisite architecture
• Write and maintain custom TAs used to parse and normalize disparate data sets
• Strong understanding of Data Models and CIM compliance
• Ability to write and troubleshoot complex REGEX
• Organize and orchestrate data set cutovers with impacted users and parties
• Provide advanced SPL support to various content owners and knowledge mangers
• Knowledge of SAML authentication
• Familiarity with Kafka Connect, HEC, and Syslog
• Create and maintain administrative dashboards
• Splunk Enterprise Certified Administrator
• Must have an active Secret clearance and be DoD 8570 IAT III certified (CASP+, CCNP Security, CISA, CISSP, GCED, GCIH, CCSP) OR have an active TS/SCI and be DoD 8570 IAT II certified (CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP)

Preferred Qualifications:

• Splunk Enterprise Security Certified Administrator
• Experience with Splunk Stream
• Experience in Linux Shell scripting or Go
• Experience with VScode
• Experience with Git, Gitlab, Github, and other project configuration management skills

We are an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state, or local law.