Splunk Cyber Security SME
Remote
Full Time
Civilian
Experienced
Tetrad Digital Integrity (TDI) is a leading-edge cybersecurity firm with a mission to safeguard and protect our customers from increasing threats and vulnerabilities in this digital age.
TDI is seeking an experienced Splunk Subject Matter Expert with strong engineering skills to join our dynamic team.
RESPONSIBILITIES:
- Design, deploy, and maintain on-premises and cloud-based Splunk environments to support enterprise-level monitoring, alerting and reporting.
- Solid understanding of Splunk system architecture, design, implementation, configuration and operational support in a hybrid on-prem Unix/Linux and cloud-based environment.
- Collaborate across DevOps, Security, and IT teams to optimize performance, ensure data integrity, system availability and support mission-critical operations.
- Proven hands-on experience with a large enterprise-wide Splunk environment is mandatory.
- Off-hours and weekend efforts for systems maintenance, upgrades and support may be required from time to time.
QUALIFICATIONS:
- 5+ Years of Splunk experience required
- Manage knowledge objects (fields, extractions, tags, event types, lookups, workflow actions, aliases, macros, and so on) through automation, scripting, and management server functions, including .conf and .cfg files, within the scope of the last four Splunk Enterprise versions
- Experience with Splunk deployment and configuration management in large-scale environments
- Proficiency in writing complex Splunk queries, dashboards, and alerts using SPL (Search Processing Language)
- Experience with REST APIs for Splunk and external system integration
- Ability to analyze and troubleshoot complex data ingestion and parsing issues
- Designing and developing automation workflows and a dashboard interface for them
- Strong problem-solving skills and the ability to translate research insights into practical solutions that address real-world challenges.
- Strong communication and collaboration skills with the ability to articulate complex technical concepts to both technical and non-technical audiences.
- Experience in mentoring and guiding junior researchers or team members
PREFERRED QUALIFICATIONS:
- Ability to leverage the Splunk AI Assistant and other AI tools to increase the accuracy and efficiency of tasks and other deliverables
- Advanced knowledge of Unix/Linux and/or Windows systems administration and troubleshooting
- Strong scripting skills in Bash, Python, JavaScript, SQL and PowerShell for automation and integration tasks
- Experience with Splunk upgrades, patching, and performance tuning
- Proficiency in integrating Splunk with cloud platforms (AWS, GCP, Azure)
- Understanding of security and compliance requirements and implementation of role-based access controls (RBAC) in Splunk
- Strong knowledge of logging standards and best practices across application and infrastructure layers
- Extensive knowledge of defense-in-depth principles, Network and Security architecture, network topology, IT device integrity, and common security elements.
- Executes new projects as well as data and user onboarding
- Strong understanding of IT and Cyber industry standards and technologies, including controls governed by NIST, FISMA, and FedRAMP
- Experience installing, utilizing and developing the Splunk App for Data Science, Deep Learning and SOAR Automation toolset
TDI does business with the federal government, which restricts employment to individuals who are either US citizens or lawful permanent residents of the United States.
“TDI is an Equal Opportunity Employer. Employment decisions are made based on individual qualifications, merit, and business needs. We do not discriminate in employment opportunities or practices based on race, color, religion, sex, or national origin, in accordance with applicable federal laws.”

