Splunk Data Analytic Subject Matter Expert from NetVision Resources, Inc
Woodlawn, MD 21207
About the Job
Duties and Responsibilities:
- Create a consolidated data set that conforms to the common information model, made up of sensor data sources that are already aggregated together and already searchable.
- Develop the capability to aggregate all sensor data results based on two main categories: "tangible assets, namely hardware, software, and data" and "Information Systems, groups of assets with a business purpose."
- Develop the capability to tag new data so that it falls into the Re-Usable data assets model so that IO and CDM dashboard can ingest them.
- Create a way to translate key value pairs from any sensor tools into the format needed to be consumed.
- Transform already good data into the format needed for ingestion by Xacta.IO and CDM Elastic file.
- Create data pipeline and create connections between data source(s) and the Re-Usable data asset model.
- Create connection between Splunk and the Re-Usable data asset model.
- Establish Xacta.IO data pipeline connection with the Re-Usable data asset model.
- Establish CDM Elastic data pipeline connection with the Re-Usable data asset model.
- Develop an integrator between Splunk and Xacta.IO and CDM Elastic.
- Buildout Data Warehouses/data models:
- Tag Data
- Buildout data pipelines in Splunk
- Establish data pipeline connections
- Develop Integrators/Integrations (between Splunk, DbConnect, Splunk, Xacta)
- Aggregate various types of data
- Create Key Value pairs
- ETL coding
- Buildout Dashboards
- Configure notable event actions, action menus and Adaptive Responses.
- Data onboarding and data ingestion normalization recommendations.
- Strong knowledge of security risk procedures, security patterns, authentication technologies and security attack pathologies.
- Develop, evaluate, and document, specific metrics for management purposes.
- Create Dashboards to monitor the traffic volumes, response times, errors, and warnings across various data centers.
- Monitor the web portals, log files and databases.
- Design and Develop Splunk for routine use.
- Solve complex Integration challenges and debug complex configuration issues.
- Consult with stakeholders to establish, maintain and refresh their strategic direction in cloud adoption.
- Become knowledgeable on the CDM technical requirements for the federal government's CDM program. Understand your role in CDM activities.
- Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access.
- Design, manage, and maintain enterprise SIEM infrastructure to improve data ingestion processes, including architectural work on data pipelines to ensure optimal flow of data.
Basic Qualifications:
Minimum knowledge, skills, abilities needed.
- Experience using customer-focused Splunk Data Pipelining SIEM engineering background
- Experience in a senior Splunk role working in a Splunk clustered environment supporting SOC or NOC environments
- Experience with Splunk Common Information Model (CIM) and Enterprise Analytic.
- Experience in automating Splunk Deployments and orchestration within a Cloud environment.
At least 4 years of experience with:
- In-depth knowledge of designing, upgrading, maintaining, and implementing network devices on a large-scale enterprise
- Direct experience with Splunk Engineering and data integration
- Prior SIEM data modelling experience on similar platform at scale (>50 servers)
- Scripting and development skills in Python/Perl with deep comprehension of regular expressions
- Coordination and communication with other remotely deployed team members
- Developing documentation with processes and procedures
- Proposing, implementing automation features in a large enterprise environment
- At least 3 years of experience with Linux and SQL/ODBC interfaces
- At least 2 years of experience with data transport and transformation APIs and technologies such as JSON, XML, XSLT, JDBC, SOAP and REST.
- Hold active Splunk Core Certifications of at least Splunk Architect
- Minimum of 3 years of experience in developing and tailoring reporting from network security tools.
NetVision Resources, Inc. (NVR) is a fast growing, IS9001, IS20000, CMMI DEV/2, MBE certified technology consulting and software development firm, based out of the DC Metro area. To know more, please visit: www.netvisionresources.com
Salary
70 - 75 /hour