Remote Splunk Enterprise Security (ES) Engineer - Senior Level (R-00014)

Please, let True Zero Technologies know you found this job on RemoteYeah. This helps us grow 🌱.

Description:

  • True Zero Technologies is seeking experienced Splunk ES-certified engineers and consultants to join their Data Analytics practice.
  • The position is fully remote and focuses on the design, implementation, and administration of Splunk instances for federal government customers.
  • Responsibilities include data on-boarding, content development, reporting, and visualizations.
  • Candidates must have significant experience in Splunk ES design, implementation, and administration.
  • A security clearance is required or candidates must be willing to obtain one.
  • Preferred candidates will have experience supporting federal customers and working with Security Operations Center (SOC) teams.
  • Additional skills in AWS cloud, Cribl, and Splunk Indexer Clustering are advantageous.
  • The role offers access to a comprehensive knowledge base and collaboration opportunities within the True Zero community.
  • Candidates will have access to tools for training, demos, testing, and professional growth.

Requirements:

  • A minimum of 8-10 years of relevant market experience is required.
  • At least 2-3 years of specific experience with Splunk is necessary.
  • Candidates must hold Splunk Enterprise Security Implementation/Admin Certifications or Accreditation.
  • A Splunk Architect Certification is also required.
  • Experience in designing and implementing distributed Splunk installations, including all server roles, is essential.
  • Candidates should have advanced configuration experience with Splunk, including Indexer Clustering and Search Head Clustering.
  • Experience in maintaining and administering enterprise Splunk implementations is required.
  • Proficiency in developing custom Splunk content, including searches, reports, and dashboards, is necessary.
  • Candidates must be skilled in data on-boarding activities and familiar with custom parsing rules and Technology Add-On building according to Splunk's Common Information Model (CIM).
  • Experience in configuring indexes, index routing, and retention policies is required.
  • Candidates should be comfortable working in both Linux and Windows environments and have experience with storage subsystems and file permission settings.
  • Excellent written and oral communication skills are essential for managing customer expectations and engagement scope.

Benefits:

  • True Zero offers a competitive salary, paid twice per month.
  • Employees receive best-in-class medical coverage, with 100% of medical premiums covered by the company.
  • The company provides new business incentive programs and contribution incentives for white papers, blog posts, and internal webinars.
  • Employees start with 3 weeks of PTO and receive 11 paid holidays annually.
  • A 401k program is available with a 100% company match on the first 4%.
  • Monthly reimbursements for cell phone and home internet costs are provided.
  • Paternity and maternity leave are included in the benefits package.
  • The company invests in training and certifications to help employees broaden and deepen their technical skills.