Splunk Database Engineer Location: Lackland AFB, San Antonio, Texas JOB SUMMARY: The Splunk Database Engineer provides expertise in the implementation, management, and maintenance of Splunk solutions. This role requires a deep understanding of Splunk core components, data ingestion, SPL, and dashboard/alert creation. The Engineer will be responsible for data ingestion, data transformation, data analysis, dashboard creation, and collaborating with technical teams to support project requirements. PR IMARY DUTY RESPONSIBILITIES: Splunk Expertise: Provide Subject Matter Expertise for Splunk software. Demonstrate knowledge of different Splunk versions and data migration techniques between environments. Install, configure, troubleshoot, and patch Splunk software (Enterprise, Forwarders, Indexers, Search Heads). Demonstrate working knowledge of host computing, virtual machine computing, and Splunk software operation in Docker, Kubernetes, and cloud environments. Ingest data into Splunk and transform it for advanced analysis using SPL and Splunk tools. Demonstrate knowledge of programming/scripting languages common to Splunk (SPL, Python). Data Analysis and Visualization: Provide Splunk dashboards from datasets utilizing predefined templates or custom components. Understand and use SPL queries and aggregations for dashboard creation. Write Python code to prepare data for analysis and generate insights using statistical and machine learning techniques, often integrated with Splunk. Data Management and Automation: Demonstrate working knowledge of REST APIs and JSON data format. Translate CSV formatted data into JSON data or other formats suitable for Splunk ingestion. Develop, troubleshoot, and maintain custom scripts to automate data ingestion into Splunk. Provide data input and extraction from Splunk datastores (indexes). Data Science and Architecture: Demonstrate knowledge of Data Science principles, especially Data Enhancement and Data Analysis, as applied within a Splunk context. Derive appropriate design architecture for custom datasets and decompose data into components for analysis within Splunk. Use Splunk tools and apps for Data Enhancement and Data Analysis. Collaboration and Training: Collaborate with technical and application teams to identify, evaluate, and recommend technical solutions. Provide OJT to other contractors, military, and/or civilian personnel on Splunk usage and administration. Maintain continuity folders/working aids to ensure efficient transition when personnel rotate. Compliance: Maintain DoD 8570 IAT Level II compliance (current Security+ certification). Security Clearance: Top Secret SCI - Willing to take Polygraph Education/Certifications: Bachelor's degree in Computer Science, Information Technology, or a related field is preferred. CompTIA Security+ certification (DoD 8570 IAT Level II compliant/8140 System Admin) is required. Relevant Experience: At least 3 years of experience with Splunk software (e.g., Splunk Enterprise, Splunk Cloud, Splunk Forwarders, Indexers, Search Heads). Demonstrated experience with data ingestion, data transformation, and data analysis using Splunk. Experience with Python programming for data analysis and machine learning. Familiarity with Docker, Kubernetes, and cloud environments. Knowledge of Data Science principles, data enhancement, and data analysis techniques. Key Requirements: Strong understanding of Splunk architecture and functionalities. Expertise in data manipulation, transformation, and analysis using Splunk Search Processing Language (SPL). Ingest data into Splunk and transform it for advanced analysis using SPL and Splunk tools. Demonstrate knowledge of programming/scripting languages common to Splunk (SPL, Python).
Read Less
