Senior Splunk Engineer (SME) - 2 Positions - Remote Eligible

Cybersecurity Splunk Sme

Tetrad Digital Integrity (TDI) is a leading-edge cybersecurity firm with a mission to safeguard and protect our customers from increasing threats and vulnerabilities in this digital age. TDI is seeking an experienced cybersecurity Splunk SME with strong engineering skills to join our dynamic team at the Postal Service.

Responsibilities:

• Designing, deploying, and maintaining on-premises and cloud based Splunk environments to support enterprise-level monitoring, alerting, and reporting.
• Expertise in Splunk system architecture, design, implementation, configuration and operational support in a hybrid on-prem Unix/Linux and cloud-based environment.
• Collaborate across DevOps, Security, and IT teams to optimize performance, ensure data integrity, system availability and support mission-critical operations.
• Proven hands-on experience with a large enterprise wide Splunk environment is mandatory.
• Off-hours and weekend efforts for systems maintenance, upgrades and support may be required from time to time.

Qualifications:

• 5+ years of Splunk experience.
• Manages knowledge objects (fields, extractions, tags, event types, lookups, workflow actions, aliases, macros, and so on) – through automations, scripting, management server functions; to include .conf and .cfg files in scope of the last four Splunk Enterprise versions.
• Experience with Splunk deployment and configuration management in large-scale environments.
• Proficiency in writing complex Splunk queries, dashboards, and alerts using SPL (Search Processing Language).
• Experience with REST APIs for Splunk and external system integration.
• Ability to analyze and troubleshoot complex data ingestion and parsing issues.
• Design and automations workflow and dashboard interface for such.
• Ability to leverage the Splunk AI Assistant and other AI tools to increase accuracy and efficiency of task and other deliverables.
• Advanced knowledge of Unix/Linux and/or Windows systems administration and troubleshooting.
• Strong scripting skills in Bash, Python, JavaScript, SQL and PowerShell for automation and integration tasks.
• Experience with Splunk upgrades, patching, and performance tuning.
• Proficiency in integrating Splunk with cloud platforms (AWS, GCP, Azure).
• Experience installing and utilizing and developing with the Splunk SOAR Automation toolset.

TDI does business with the federal government, which restricts employment to individuals who are either US citizens or lawful permanent residents of the United States.

TDI is an Equal Opportunity Employer. Employment decisions are made based on individual qualifications, merit, and business needs. We do not discriminate in employment opportunities or practices based on race, color, religion, sex, or national origin, in accordance with applicable federal laws.