milCloud Splunk Engineer

Clearance Level
Top Secret
Category
Cyber Engineering
Locations
Chantilly, Virginia
Durham, North Carolina

REQ#: RQ92900

Travel Required: 10-25%
Requisition Type: Regular

GDIT is seeking a Splunk Engineer to help support our milCloud 2.0 contract in Chantilly, VA or Durham, NC. This position will require the employee to report onsite at one of the 2 designated office locations.

For the ideal candidate, this program MAY offer:
(1)    Relocation assistance (if not local to Chantilly, VA or Durham, NC)
(2)    Potential option for a sign-on bonus 
(3)    Paid Training

The Splunk SME will be supporting the ARC-P and milCloud®2.0 Cyber Security Team. ARC-P is GDIT’s FedRAMP HIGH, JAB authorized, IaaS cloud environment, while milCloud®2.0 is architected as an ARC-P DoD dedicated region with two availability zones deployed on site at DISA data center locations.

REQUIRED QUALIFICATIONS:
•    Active Top Secret security clearance
•    2-5 years of hands-on experience in the deployment and maintenance of a Linux clustered multisite Splunk environment.
•    Must have hands-on experience using and configuring Splunk Enterprise Security (ES), including but not limited to creating/modifying correlation searches, creating/modifying notables and using investigations.
•    Familiar with writing efficient regex.
•    Must be proficient in onboarding data and making it CIM compliant both with and without a provided TA.
•    Must be proficient in creating correlation searches using tstats and working with Data Models.
•    Comfortable using Linux and upgrading various components of Splunk.
•    Basic understanding of networking.
•    Willingness to help SOC analysts investigate notable events
•    Designing and customizing complex search queries and promoting advanced searching, forensics, and analytics.
•    Developing and documenting configuration standards, policies, and procedures for operating, managing, and ensuring the security of a Splunk infrastructure.
•    Developing dashboards, data models, reports, and performance optimization. 
•    Developing documentation on new or existing systems.
•    Working with Splunk professional services as needed. 
•    Communicating with customers and teammates clearly and concisely. 
•    Self-motivated / self-starter.
•    Familiarity with accessing hosts/applications via Linux.
•    Must be willing to report onsite daily to support classified environments.

DESIRED QUALIFICATIONS:
•    Splunk Certified Enterprise Security Admin Certification
 

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.