Remote Splunk/Cribl Architect - Senior (R-00020)

Description:

• True Zero Technologies is seeking an experienced Data Analytics Architect to join their Data Analytics practice.
• The position is 100% remote and involves leading the design, implementation, and administration of the enterprise data analytics suite for federal government customers, which includes Splunk, Cribl, and other industry-leading solutions.
• The primary responsibility is to design and architect the customer's hybrid cloud/on-prem enterprise data analytics solution.
• Candidates must have significant design, implementation, and administration experience with Splunk Core, Splunk ES, and Cribl in AWS cloud.
• Deep experience with S3 SmartStore configurations and troubleshooting/tuning SmartStore is required.
• Ideal candidates should possess necessary certifications, work well in a team environment, and have (or be willing to obtain) a federal security clearance.
• Experience supporting federal customers and driving security content requirements is preferred.
• Additional skills in AWS cloud and Splunk Indexer Clustering are a plus.
• Candidates will have access to a full knowledge base, collaboration opportunities, and tools for professional growth.

Requirements:

• A minimum of 8-10 years of relevant market experience is required.
• At least 4-5 years of specific experience with Splunk is required.
• A minimum of 2-3 years of specific experience with Cribl is required.
• Candidates must have Splunk Enterprise Security Implementation/Admin Certifications or Accreditation.
• A Splunk Architect Certification is required.
• Experience designing and implementing distributed Splunk installations, including all server roles, is necessary.
• Advanced configuration experience with Splunk, including Indexer Clustering and Search Head Clustering, is required.
• Candidates must have experience with S3 storage technologies and Splunk’s SmartStore indexer clustering technology.
• Experience maintaining and administering enterprise Splunk implementations is required.
• Proficiency in developing custom Splunk content, including scheduled searches, reports, and dashboards, is necessary.
• Candidates must be proficient in data onboarding activities, including custom parsing rules and building Technology Add-Ons according to Splunk's Common Information Model (CIM).
• Cloud experience and/or certifications (AWS, Azure, etc.) are required.
• Cribl Certified - Admin and/or Cribl Certified - User certifications are necessary.
• Experience working with source/destination definitions, pipelines, and PACKS in Cribl is required.
• Candidates must have experience working in Linux and Windows environments and configuring storage subsystems.
• Excellent written and oral communication skills are required, along with the ability to manage customer expectations and track engagement scope.
• The ability to hold a federal security clearance is required.

Benefits:

• The position offers a competitive salary, paid twice per month.
• Employees receive best-in-class medical coverage, with 100% of medical premiums covered by True Zero.
• There are company-wide new business incentive programs and contribution incentives for white papers, blog posts, and internal webinars.
• Employees start with 3 weeks of PTO and receive 11 paid holidays annually.
• A 401k program is available with a 100% company match on the first 4%.
• Monthly reimbursement for cell phone and home internet costs is provided.
• Paternity and maternity leave are offered.
• True Zero invests in training and certifications to help employees broaden and deepen their technical skills.