Splunk Data Analytics SME

Company: Leidos
Location: Woodlawn, MD, USA
Salary: $89700 – $162150
Type: Full-Time
Degrees: Bachelor’s
Experience Level: Senior, Expert or higher

Requirements

  • Deep understanding of Splunk architecture
  • Proficiency in using Splunk’s advanced features, such as dashboards, alerts, and reports
  • Strong analytical skills to interpret complex data sets, identify trends, and derive actionable insights
  • Extensive experience with Splunk, data analytics, and big data technologies
  • Strong technical and computational skills in engineering, physics, or mathematics
  • Proficiency in coding and developing applications for unstructured and semi-structured data analysis
  • Experience with cybersecurity application development and SIEM technologies
  • Familiarity with cloud-based high-performance infrastructures and data processing techniques
  • Must be able to obtain and maintain a Public Trust.

Responsibilities

  • Create consolidated data sets that conform to the Common Information Model (CIM) from various sensor data sources, ensuring they are aggregated and searchable.
  • Develop capabilities to aggregate sensor data based on tangible assets (hardware, software, and data) and information systems with business purposes.
  • Implement tagging for new data to fit into the Re-Usable Data Assets model for ingestion by IO and CDM dashboards.
  • Translate key-value pairs from sensor tools into the required format for data consumption.
  • Transform existing data into formats suitable for ingestion by Xacta.IO and CDM Elastic files.
  • Design and implement data pipelines connecting data sources to the Re-Usable Data Asset model.
  • Establish connections between Splunk and the Re-Usable Data Asset model, as well as with Xacta.IO and CDM Elastic.
  • Develop integrators between Splunk, Xacta.IO, and CDM Elastic.
  • Build out data warehouses and data models, including tagging data, establishing data pipeline connections, and developing integrations.
  • Aggregate various data types and create key-value pairs, including ETL coding and dashboard development.
  • Configure notable event actions, action menus, and adaptive responses within Splunk.
  • Provide recommendations for data onboarding and normalization processes.
  • Maintain strong knowledge of security risk procedures, authentication technologies, and security attack patterns.
  • Develop, evaluate, and document specific metrics for management purposes.
  • Create dashboards to monitor traffic volumes, response times, errors, and warnings across data centers.
  • Monitor web portals, log files, and databases for performance and security.
  • Design and develop Splunk solutions for routine operational use.
  • Solve complex integration challenges and debug configuration issues.
  • Consult with stakeholders to establish and refresh strategic direction in cloud adoption.
  • Understand and comply with the CDM technical requirements for the federal government’s CDM program.
  • Address a wide range of security issues, including architectures, firewalls, electronic data traffic, and network access.
  • Design, manage, and maintain enterprise SIEM infrastructure to improve data ingestion processes, ensuring optimal data flow through architectural work on data pipelines.

Preferred Qualifications

  • Security certifications (e.g., CISSP, CISM, CompTIA Security+)
  • Experience with data pipeline development and integration
  • Knowledge of regulatory requirements and compliance standards relevant to cybersecurity