Apply Now    

Splunk Administrator

Req #: 129920
Location: Arlington, VA US
Job Category: Information Technology Group
Minimum Clearance Required: Secret

Job Description

Splunk Engineer The Splunk Engineer will focus on Splunk architecture, installation, administration, and development, with a goal toward enhancing the Splunk infrastructure as it relates to application/machine data, troubleshooting, reporting, custom queries, dashboards, and security roles administration.  In addition to log analytics, you will help administrate a variety of other platforms within the Enterprise Management suite.   Duties - Architect, design, support, and maintain Splunk infrastructure for a highly available and disaster recovery configuration - Administering Splunk and Splunk App for Enterprise Security (ES) log management - Standardize Splunk agent deployment, configuration and maintenance across a variety of UNIX and Windows platforms - Troubleshoot Splunk server and agent problems and issues - Assist internal users of Splunk in designing and maintaining production-quality dashboards - Mentor users and other groups on their use of Splunk - Monitor the agent and server infrastructure for capacity planning and optimization - Design core systems performance and troubleshooting logs - Support Splunk on Unix, Linux and Windows-based platforms - Perform data mining and analysis, utilizing various queries and reporting methods - Solve complex Integration challenges and debug complex configuration issues - Technical writing/creation of formal documentation such as architecture diagrams, technical designs, and SOPs Required Qualifications - Splunk experience - minimum 2 to 5 years' experience architecting, configuring, deploying, and customizing the tool - Strong understanding of Splunk configuration files and architecture - Knowledge of advanced search and reporting commands - Demonstrated ability to create complex dashboards, forms, and visualizations - Bachelor‘s degree in Computer Science, Information Security or related technical field; or 10 - 12 years of relevant work experience - Understanding of System Log Files and other structured and non-structured data - Intermediate level understanding of Solaris, Linux and Windows operating systems - Security+ certification - Current Secret Clearance required; SSBI preferred - Effective verbal and written communication skills that include the ability to describe highly technical concepts in non-technical terms   Desired Qualifications - Splunk Architect or Splunk Administrator certification preferred - Knowledge of a scripting language and UNIX command line - Experience working in DISA and working with the DISA DECC environment - Strong knowledge of application monitoring and event management - Knowledge in the Common Information Model (CIM), Understand the relationship between the CIM and knowledge objects, ability to create a lookup file and create a lookup definition& field aliases and calculated fields - In depth understanding of Splunk license management preferred CACI is an Equal Opportunity Employer: Females / Minorities / Individuals with Disabilities / Protected Veterans.  

Job Location



CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.

Apply Now