Splunk Database Engineer
Location: Lackland AFB, San Antonio, Texas
JOB SUMMARY: The Splunk Database Engineer provides expertise in the implementation, management, and maintenance of Splunk solutions. This role requires a deep understanding of Splunk core components, data ingestion, SPL, and dashboard/alert creation. The Engineer will be responsible for data ingestion, data transformation, data analysis, dashboard creation, and collaborating with technical teams to support project requirements.
PRIMARY DUTY RESPONSIBILITIES:
- Splunk Expertise:
  - Provide Subject Matter Expertise for Splunk software.
  - Demonstrate knowledge of different Splunk versions and data migration techniques between environments.
  - Install, configure, troubleshoot, and patch Splunk software (Enterprise, Forwarders, Indexers, Search Heads).
  - Demonstrate working knowledge of host computing, virtual machine computing, and Splunk software operation in Docker, Kubernetes, and cloud environments.
  - Ingest data into Splunk and transform it for advanced analysis using SPL and Splunk tools.
  - Demonstrate knowledge of programming/scripting languages common to Splunk (SPL, Python).
- Data Analysis and Visualization:
  - Provide Splunk dashboards from datasets utilizing predefined templates or custom components.
  - Understand and use SPL queries and aggregations for dashboard creation.
  - Write Python code to prepare data for analysis and generate insights using statistical and machine learning techniques, often integrated with Splunk.
- Data Management and Automation:
  - Demonstrate working knowledge of REST APIs and JSON data format.
  - Translate CSV formatted data into JSON data or other formats suitable for Splunk ingestion.
  - Develop, troubleshoot, and maintain custom scripts to automate data ingestion into Splunk.
  - Provide data input and extraction from Splunk datastores (indexes).
- Data Science and Architecture:
  - Demonstrate knowledge of Data Science principles, especially Data Enhancement and Data Analysis, as applied within a Splunk context.
  - Derive appropriate design architecture for custom datasets and decompose data into components for analysis within Splunk.
  - Use Splunk tools and apps for Data Enhancement and Data Analysis.
- Collaboration and Training:
  - Collaborate with technical and application teams to identify, evaluate, and recommend technical solutions.
  - Provide OJT to other contractors, military, and/or civilian personnel on Splunk usage and administration.
  - Maintain continuity folders/working aids to ensure efficient transition when personnel rotate.
- Compliance:
  - Maintain DoD 8570 IAT Level II compliance (current Security+ certification).
Security Clearance: Top Secret SCI – Willing to take Polygraph
Education/Certifications:
- Bachelor’s degree in Computer Science, Information Technology, or a related field is preferred.
- CompTIA Security+ certification (DoD 8570 IAT Level II compliant/8140 System Admin) is required.
Relevant Experience:
- At least 3 years of experience with Splunk software (e.g., Splunk Enterprise, Splunk Cloud, Splunk Forwarders, Indexers, Search Heads).
- Demonstrated experience with data ingestion, data transformation, and data analysis using Splunk.
- Experience with Python programming for data analysis and machine learning.
- Familiarity with Docker, Kubernetes, and cloud environments.
- Knowledge of Data Science principles, data enhancement, and data analysis techniques.
Key Requirements:
- Strong understanding of Splunk architecture and functionalities.
- Expertise in data manipulation, transformation, and analysis using Splunk Search Processing Language (SPL).
- Ingest data into Splunk and transform it for advanced analysis using SPL and Splunk tools.
- Demonstrate knowledge of programming/scripting languages common to Splunk (SPL, Python).