System Administrator III (Splunk Admin) AL

Description

Position Title: System Administrator III (Splunk Admin)

Location: Maxwell Gunter Airforce Base, AL

Clearance level: Secret

Responsibilities (including but not limited to):

• Design, deploy, configure, and manage Splunk clustered infrastructure on RHEL, including Splunk indexers, search heads, forwarders, and deployment servers.
• Administering Splunk Apps to include developing new or extending existing Apps to perform specialized functionality.
• Develop and implement strategies for efficient data ingestion, parsing, and indexing, ensuring availability and optimal performance of Splunk data repositories.
• Consulting with teams to customize searches, reports, dashboards and configure Splunk to meet their requirements.
• Create and maintain documentation detailing architecture components, configurations, monitoring & alerting setup, troubleshooting guides, and checklists.
• Implement and maintain security controls, and data protection measures in line with best practices and DISA STIG requirements.

• Ability to work with a strong familiarity with Red Hat Enterprise Linux (RHEL) administration.
• Ability to work with a strong understanding of network protocols, security frameworks, and compliance standards.
• Notify appropriate Information Technical Equipment Custodian (ITEC) or Property Custodian (PC), in writing, within 4 hours for all accountable item moves.
• Neatly bundle and conceal all excess system or peripheral cabling after each installation or repair.

Qualifications

• High School diploma or GED.
• 5 years of professional experience with Splunk performing systems administration, including installations, configurations, monitoring system performance and availability, upgrades, troubleshooting, and dashboard design in a Red Hat Enterprise Linux environment (RHEL).
• Must possess one of the following certifications:
  • Splunk Core Certified Power User, or Splunk Core Certified Advanced Power User, or Splunk Enterprise Certified Admin, or Splunk Enterprise Security Certified Admin
• Must possess Secret clearance.