Splunk Administrator - Military veterans preferred

2024-09-12
Core4ce
Other



Charleston
South Carolina
29401
United States


Splunk Administrator
567-383

Splunk is a powerful log aggregation and data analysis tool used widely by the Defense Health Agency (DHA) to monitor IT assets across the military health system. Core4ce is seeking a System Administrator/Engineer with Splunk experience capable of administering a distributed syslog collection system. A primary responsibility of this position will be supporting a large Splunk Connect for Syslog (SC4S) system requiring automation to deploy, configure and maintain.

Responsibilities
- Deploying logging systems, such as SC4S, at scale using Ansible and containerized instances.
- Monitor and maintain systems performance, availability, and capacity. Recommend configuration changes to improve the performance, stability or usability of the platform.
- Support a large-scale deployment with data feeds from locations worldwide.
- Support data ingestion infrastructure and systems running on Red Hat Enterprise Linux.
- Data onboarding to high data quality standards and CIM compliance.
- Configuring Splunk infrastructure, including search heads, indexers, forwarders, and other Splunk components, in a large deployment.
- Act as the Splunk liaison for Splunk technical questions, issues or escalations. This will include working with Splunk Support, Product Management or others as needed.
- Work independently, take initiative, and proactively troubleshoot and resolve platform issues.

Qualifications
- High school graduation or GED. Higher education, such as a technical bachelor’s degree, is highly valued but not required.
- 5+ years of IT experience, with at least a year working directly with Splunk as a system administrator.
- Experience with the Department of Defense or other federal agencies is preferred but not required.
- Experience with scripting languages such as Bash, Python or PowerShell.
- Experience with Linux as a system administrator; certification with Red Hat Enterprise Linux is preferred but not required.
- Broad understanding of IT infrastructure, including network, system, application and compliance, and corresponding logs generated.
- Splunk Enterprise Certified Admin certification preferred. If the successful candidate does not already hold this certification at the time of hire, he/she will be expected to obtain it within 6 months of starting.
- CompTIA Security+ or equivalent certification required, either at the time of hire or within 6 months of starting if not already held.
- Secret security clearance or the ability to obtain a clearance.

All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, age, marital status, pregnancy, genetic information, or other legally protected status.



Remote, United States

Full-Time/Regular



PI249378199