Sr. Splunk Engineer/Compliant Event Logging Implementation w/ Federal exp. (Remote)

Type of Requisition:

Regular

Clearance Level Must Currently Possess:

None

Clearance Level Must Be Able to Obtain:

None

Public Trust/Other Required:

NACI (T1)

Job Family:

Functional Experts

Job Qualifications:

Skills:

Event Logging, Federal Agencies, Log Management, Splunk Enterprise Security

Certifications:

None

Experience:

15 + years of related experience

US Citizenship Required:

Yes

Job Description:

GDIT is seeking a remote Senior Splunk Engineer/Log Manager with proven experience in the areas of application, database, and end-point event and log centralization/management. The resource will support a federal customer with the design and implementation of their compliant event logging implementation.

Duties and responsibilities include:

• Design and implement comprehensive logging solutions, in alignment with M-21-31 and EO 14028 requirements leveraging Splunk Enterprise and other enterprise event driven tool suites.

• Work closely with government stakeholders to understand security requirements, interpret directives, and support the technical application to the operating environment

• Implement log standards and data integrity processes to ensure events are logged in alignment with federal requirements

• Verify logging compliance, ensuring application and system logs are generated and captured with the centralized logging solution
• Candidate will be “hands-on” with the solution deployment and implementation of the following Splunk elements:
  • Log data ingestion from applications, databases, infrastructure endpoints, and monitoring tools
  • Development of Saved and Scheduled Searches
  • Report and Dashboard/Data Visualization development
  • Establish Logging Event Alerting and assist with event correlation duties
  • Establish interfaces and data sharing with other Splunk instances to integrate data feeds
• Provide strategic and technical recommendations to sponsor, occasionally writing short whitepapers and/or building executive briefs
• Collaborate with stakeholders to identify, implement, and prioritize new potential risk indicators into Splunk UBA.
• Develop and publish the following solution documentation:
  • Document modifications to the current Splunk configuration baseline to include architecture diagrams
  • Publish Splunk Job-Aids/User Documentation and Splunk Training Materials
• Develop and deliver training to the stakeholder community, providing operational guidance to include the following elements:
  • Deployed searches
  • Reports and dashboards
  • Alerts
  • Event Correlation

Required Qualifications:

• A master’s degree in computer science, Cybersecurity, Software Engineering, Computer Science or a closely related technical field, 12 years of IT experience and at least 10 years of experience in developing and implementing Splunk Enterprise logging solutions.
• In lieu of a master’s degree, candidates with a bachelor’s degree in computer science, Cybersecurity, Software Engineering, Computer Science or a closely related technical field, 14 years of IT experience and at least 10 years of experience in developing and implementing Splunk …