Job Specifications
The Splunk Engineer is responsible for managing and enhancing our Splunk environment to ensure seamless data ingestion, analysis, and visualization. This role demands a deep understanding of Splunk architecture, data onboarding, and user management to support business needs and security operations.
Responsibilities
Design, deploy, and manage Splunk infrastructure
Develop and maintain Splunk dashboards, queries, and alerts
Integrate Splunk with various data sources to ensure comprehensive data ingestion
Monitor and troubleshoot Splunk performance issues
Collaborate with cross-functional teams to gather requirements and provide Splunk solutions
Implement and enforce best practices for Splunk data management and retention
Provide user training and support for Splunk-related activities
Basic Qualifications
2+ years of experience in managing and configuring Splunk, 2+ years of experience in Splunk architecture: indexers, search heads, forwarders, deployment server and 1+ year with Splunk REST API for automation and operational tasks
2+ years configuring Cribl sources, destinations, routes and collectors
2+ years building pipelines to parse, normalize, enrich, mask/dedup, and route data to Splunk and other targets and
2+ years authoring/maintaining props.conf, transforms.conf, inputs.conf, outputs.conf and packaging Apps/TAs
2+ years in Linux and Windows administration: file paths, services, permissions, and log locations
1+ year with basic familiarity with Cribl Redmap/JavaScript functions
1+ year with regex skills for field extraction and event breaking
Active TS/SCI clearance; willingness to take a polygraph exam
Associate’s degree and 5+ years of experience supporting IT projects and activities, OR Bachelor’s degree and 3+ years of experience supporting IT projects and activities, OR Master’s degree and 1+ years of experience supporting IT projects and activities, OR 10+ years of experience supporting IT projects and activities in lieu of a degree
DoD 8570 IAT Level II certification, including Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND certification
Must obtain a DoD 8570 Cyber Security Service Provider - Infrastructure Support certification, including CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND certification prior to start date
Additional Qualifications
1 year experience with DISA STIGs or other organizational hardening standards working in regulated environments
2+ years Networking fundamentals: TCP/UDP, TLS, syslog transport, firewall ports and common transport issues
2+ years in basic troubleshooting with tools such as tcpdump/wireshark, basic vi/vim usage, setfacl, SELinux
Knowledge of common log formats: syslog, Windows Event, JSON, CSV, XML
Proficient in SPL for validation, troubleshooting and basic dashboards.
Experience with scripting languages such as Python, Bash, or PowerShell
Strong communication skills
Load-Balancer fundamentals
Knowledge of Git for code version control
Knowledge of Ansible playbooks
Knowledge of Python scripting
About the Company
Tech evolves. Industries shift. Take2 ensures your team moves with it.
We connect public and private sectors with the right IT expertise--when and where it matters most.
Take2 was founded in 2015 on a simple idea: IT staffing needed another take. Businesses and federal agencies were struggling to keep pace with evolving technology, shifting economies, and growing demand for specialized talent. We saw the need for a faster, smarter, people-first approach.
So, we built it.
With our People Cloud and an unmatched abi...
Know more