Splunk Engineer / Content Developer Job at Zermount, Inc in Arlington
Zermount, Inc, Arlington, VA, US, 22201
Job Description
Summary:
Zermount is seeking a Splunk Engineer / Content Developer to join our team. The Splunk Engineer / Content Developer is expected to provide overall engineering and design support for a very large distributed Splunk environment, spanning security, performance, and operational roles. Additionally, the Splunk Engineer will support the full system engineering life cycle, including requirements analysis, design, development, integration, test, documentation, and implementation following defined best practices and operational workflows.
Provide technical support for Splunk, including remediation of technical issues. Provide custom content development for Splunk in response to industry trends, identified Indicators of Compromise (IOCs), and client requirements. Responsible for the continued enhancement of functionality and the integration of new log sources / onboarding of data sources, alerting and reporting capabilities, data normalization, and enhancements (e.g., dashboards, severity ratings, correlation logic for events from disparate system logs and alerts, event watch lists, monitoring channels, event/alert queues, event/alert reviewing/clearing standards).
The Splunk Engineer / Content Developer will work with other Engineering team members and will be required to interact with stakeholders to gather requirements and perform troubleshooting.
Duties and Responsibilities:
- Uses RESTful and SOAP APIs, Python, PowerShell, Bash, JavaScript, and other programming methods.
- Develops custom integrations for ticketing, alerting, automation, and orchestration.
- Develops interfaces, dashboards, and other custom data visualizations.
- Performs data normalization and transference to/from multiple systems.
- Analyzes multiple data origin systems to assist with establishing datasets and data models.
- Works with Big Data sources, internal and external applications, and network/device monitoring tools.
- Documents efforts and customization methodology to provide long-term solution supportability.
- Performs testing and training; undertakes other communication methods to publicize program activities.
- Gathers and analyzes customer requirements, translating mission needs into technical directives.
- Works with stakeholders in tactical tasks, strategic goals, value-centric results, and customer success.
- Comfortable navigating Linux and Windows CLI, cloud environments such as AWS and Azure, and remote access protocols such as RDP and SSH.
Qualifications
Required Skills:
A minimum of five (5) years of experience with Splunk and two (2) years' experience with SOAR technologies.
Certifications & Training (Preferred):
- Splunk Certified Admin (required)
- Splunk Certified Architect (preferred)
- Splunk Certified Developer (preferred)
Clearance:
Library Specific Minimum Background Investigation (MBI) will be conducted.
Work Location:
- Remote (Initial onboarding in Arlington, VA)
- Minimal travel may be required if requested by the agency.