Splunk Engineer
Company: 2HB Incorporated
Location: Chantilly, VA 20152
Description:
This is a full-time position, and requires a TS/SCI/Full Scope Polygraph Clearance.
2HB Incorporated is seeking a Splunk Engineer to support its government customer in Chantilly, VA.
The US Government's (USG) monitoring team uses Splunk to collect detailed system audit and performance logs necessary for system accreditation, troubleshooting, and security reporting. The Sponsor is responsible for collection of these data and working with system owners and users to get the most out of the data collection. The Sponsor needs proficiency in creating dashboards to assist stakeholders with troubleshooting, managing data feeds status, and managing audit logs from applications. Work will include collecting and reporting of hosted systems.
Mandatory Skills:
- Demonstrated experience working with Splunk and Linux.
- Demonstrated experience understanding Splunk distributed architecture and data pipelines, with hands-on implementation.
- Demonstrated experience with Splunk client management and apps management.
- Demonstrated experience integrating Splunk with various data sources such as syslog, flat files, databases, APIs, cloud platform logs, and HEC endpoints.
- Demonstrated experience with Splunk SPL to create searches, reports, alerts, and dashboards.
- Demonstrated experience with Splunk conf files to manage inputs, props, transforms, and similar.
- Demonstrated fluency with Linux OS (RHEL or Rocky 8) and the Command Line Interface (CLI).
- Demonstrated experience with scripting languages such as Bash and Python.
- Demonstrated experience with PowerShell for task automation.
- Demonstrated experience with custom app development.
- Demonstrated experience with regular expressions.
- Demonstrated experience with AWS SDK and CLI to programmatically interface with AWS.