Abile Group has an exciting and challenging opportunity for a Lead Splunk Engineer Architect supporting a DoD Customer's Classified Network Services. The mission will include Operations, Compliance, Cyber Security, Customer Service, and Engineering. The right Lead Splunk Engineer Architect candidate will possess the below skills and qualifications and be ready to handle all responsibilities independently and professionally.

• Provides Splunk support for design, architecture, development, unit test, deployment, installation, configuration, integration, operation, and maintenance.
• Redesigns an enterprise Splunk environment using industry practices along with cluster environments or multi-tenant environments.
• Experience in the design and upgrade of Splunk in the cloud and on-premises environments to include architecting search head, indexer, universal forwarder, and heavy forwarder instances needed to service the expanding enterprise demand expected on the Splunk System as cross organizational use cases emerge.
• Drives complex security focused Splunk deployments, including architecting, implementing, and integrating with a current or planned customer security and monitoring strategy to include advanced products like Enterprise Security.
• Builds Splunk dashboards that take inputs from various data sources such as application logs, operating system logs, middleware logs, network feeds, etc.
• Utilizes Splunk to develop data requirements, data catalog(s), data descriptions, data sources, and data formatting to ensure that security controls can be measured and managed across on-premises and cloud IT services.
• Turns data into action with intelligent analytics and clear insights. Defines raw input requirements to support data models as well as final outputs required to ensure Department personnel can assess the security status of computing systems and produce readable, understandable summary reporting.
• Inventories and assesses data sources and inputs and ensure this data is prioritized and properly formatted for Splunk ingest and report generation.
• Builds Splunk dashboards that take inputs from vendor tools such as Tenable, Trellix, Cisco, Microsoft, etc.

Clearance Required: TS/SCI.

Degree and Years of Experience: 5 to 8 years with BS/BA or 3 to 5 years with MS/MA or 0 to 2 years with PhD.

• Five years of experience with planning, designing, deploying, and configuring Splunk in cloud, virtual, and physical environments.

Required Certification: 

• Splunk Architect is required.
• Splunk Certified Administrator certification required.
• 8140/8570 IAT Level III certification required.

Required Skills:

• Expertise in Lookup Tables, CSV, and Summary Indexes.
• Proven experience in a Splunk Architect role.
• Strong understanding of Splunk architecture, components, and deployment options.
• Proficiency in Splunk Search Processing Language (SPL) for creating complex search queries and reports.
• Experience with Splunk data ingestion methods, including forwarders, HTTP Event Collector (HEC), and scripted inputs.
• Solid understanding of IT infrastructure, including networking, operating systems, and security principles.
• Excellent problem-solving skills and attention to detail.
• Strong communication and collaboration abilities.

Desired Skills:

• Experience with installing Enterprise Security, SOAR, and Qmulos.
• Familiarity with Syslog servers.
• System administrator.
• Network administrator.
• Experience with Linux and Windows.

Abile Group, Inc. was formed in July 2004 to partner with the Intelligence Community and their Contractors in the areas of Enterprise Analytics & Performance Management, IT & Systems Engineering and Program & Project Management. We have significant experience with the Federal Government and are an EDWOSB dedicated to our employees and clients. We are looking for high performing employees who enjoy providing advice and guidance along with solutions development and implementation support, crafted by combining industry best practices with the clients’ subject matter experience and Abile’s breadth of expertise. 

Abile is committed to hiring the most qualified and best fit person for the job - always has, always will. Anyone requiring reasonable accommodations should email careers@abilegroup.com with requested details. A member of the HR team will respond to your request within 2 business days. 

Please review our current job openings and apply for the positions you believe may be a fit. If you are not an immediate fit, we will also keep your resume in our database for future opportunities.