Job Summary
We are seeking a highly skilled Systems Administrator to provide Splunk support for the Air Force Intranet Control (AFINC) III Support program. This is a full-time position that requires a strong understanding of system administration and Splunk infrastructure.
Main Responsibilities:
* Design, deploy, configure, and manage Splunk clustered infrastructure on RHEL, including Splunk indexers, search heads, forwarders, and deployment servers.
* Administer Splunk Apps, including developing new or extending existing apps to perform specialized functionality.
* Develop and implement strategies for efficient data ingestion, parsing, and indexing, ensuring availability and optimal performance of Splunk data repositories.
* Consult with teams to customize searches, reports, dashboards, and configure Splunk to meet their requirements.
* Create and maintain documentation detailing architecture components, configurations, monitoring and alerting setup, troubleshooting guides, and checklists.
* Implement and maintain security controls and data protection measures in line with best practices and DISA STIG requirements.
Requirements
To be successful in this role, you must have:
* A minimum of 5 years experience in systems administration, HS diploma or GED.
* Must be Security+ certified.
* Must hold one of the following certifications: Splunk Core Certified Power User, Splunk Core Certified Advanced Power User, Splunk Enterprise Certified Administrator, or Splunk Enterprise Security Certified Administrator.
* Experience with Splunk performing systems administration, including installations, configurations, monitoring system performance and availability, upgrades, troubleshooting, and dashboard design in a Red Hat Enterprise Linux environment (RHEL).
* Strong familiarity with Red Hat Enterprise Linux (RHEL) administration.
* Strong understanding of network protocols, security frameworks, and compliance standards.
* Excellent communication skills, both oral and written, analytical skills to troubleshoot issues, and an ability to conceptualize server infrastructures and configurations.
* Must be a US citizen and hold a current Top Secret clearance with SCI access (TS/SCI).
Applicants selected will be subject to a U.S. government security investigation and must meet eligibility requirements for access to classified information.
This is an EOE/M/F/Vet/Disabled employer.