Splunk Architect SME (Subject Matter Expert)

Description:

Splunk Architect SME (Subject Matter Expert) supports designing, implementing, and maintaining complex Splunk environments, including data ingestion, analysis, visualization, and reporting, while acting as a technical leader with in-depth knowledge of Splunk functionalities to meet specific business needs, often focusing on security monitoring, operational intelligence, or compliance reporting within an organization; key responsibilities include developing custom searches, dashboards, alerts, and data models, troubleshooting technical issues, and providing training and support to other Splunk users.
In support of the EEMTT team of the EITSI program, the Splunk Architect SME is responsible for building out an enhanced enterprise monitoring platform utilizing Splunk. Working closely with our primary DHA Infrastructure and Operations Division client, the Splunk SME will help shape enterprise solution requirements and guide new solution development activities. The DHA Splunk enterprise solution will be integrated with ServiceNow and many other service management monitoring systems to provide a monitoring intelligence hub for all of DHA. The Splunk Architect SME will guide the EEMTT team to become an Enterprise Solution Provider that utilizes AI for IT operations to automate self-healing activities as well as incident monitoring and improved business/data analytics for program management.

Responsibilities:
* Provides technical/management leadership on major tasks or technology assignments. Establishes goals and plans that meet project objectives
* Demonstrates domain and expert technical knowledge of enterprise monitoring solutions
* Design and implement Splunk architecture based on scaling requirements and performance considerations.
* Monitor Splunk system health, identify performance bottlenecks, and optimize configurations.
* Manage Splunk capacity planning and resource allocation
* Design and implement data ingestion pipelines from diverse data sources (application logs, system logs, network traffic, etc.).
* Configure Splunk data inputs, indexes, and data processing pipelines to optimize data collection and analysis.
* Monitor data ingestion and troubleshoot data quality issues
* Design and implement data ingestion pipelines from diverse data sources (application logs, system logs, network traffic, etc.).
* Configure Splunk data inputs, indexes, and data processing pipelines to optimize data collection and analysis.
* Monitor data ingestion and troubleshoot data quality issues
* Leverage Splunk Enterprise Security (ES) to detect and investigate security incidents.
* Develop and maintain custom Splunk ES detection rules and correlation searches.
* Ensure compliance with relevant RMF security and industry regulations by monitoring and reporting on key data points.
* Provide technical training and support to Splunk users across the organization
* Develop user documentation and best practices guides for Splunk usage
* Directs activities for a client, project and/or program, having overall responsibility for financial management, methods, and staffing to ensure that technical requirements are met
* Serve as an advisor to senior leadership regarding the technological aspects of the organization.
* Provide technical expertise to assist senior leadership in shaping and achieving the organization's strategic vision, operational and tactical goals.

Skills:

Strong customer service and communications skills, both oral and written
Excellent communication and collaboration skills to work with cross-functional teams
Strong critical thinking skills that facilitate expedient problem solving
Strong understanding of Splunk core functionalities, including search syntax, data models, and reporting capabilities
Expertise in data analysis techniques and statistical methods
Experience with scripting languages like Python or PowerShell for automation
Knowledge of network protocols, system administration, and security concepts
Proven ability to design and implement complex Splunk solutions to address business needs

Required Qualifications:

Minimum of 12 years with BS/BA; Minimum of 10 years with MS/MA; Minimum of 7 years with Ph.D.
• Experience with enterprise monitoring tools and architecture experience
• Must have Active Secret Clearance
• Must be a U.S. Citizen
• Proven experience with Splunk architecture
• Current active IAT/IAM III certification (CISSP or CISM) with related Computing Environment (CE) Splunk certifications to comply with DoD 8570 and DoD 8140.03 requirements
• Experience in RMF or similar government IT certification and accreditation processes

Desired Qualifications:

• Experience working within Military Health environments (preferred)
• Familiarity with ServiceNow (MHSSHD) ITSM ticketing system (preferred)

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.