Splunk Data Analytic Subject Matter Expert from NetVision Resources, Inc

Duties and Responsibilities:

• Create a consolidated data set that conforms to the common information model made up of sensor data sources that is already aggregated together and is also already searchable.
• Develop the capability to aggregate all sensor data results based on two main categories: "tangible assets, namely hardware, software, and data" and "Information Systems, groups of assets with a business purpose."
• Develop the capability to tag new data so that it falls into the Re-Usable data assets model so that IO and CDM dashboard can ingest them.
• Create a way to translate key value pairs from any sensor tools into the format needed to be consumed.
• Transform already good data into the format needed for ingestion by Xacta.IO and CDM Elastic file.
• Create data pipeline and create connections between data source(s) and the Re-Usable data asset model.
• Create connection between Splunk and the Re-Usable data asset model.
• Establish Xacta.IO data pipeline connection with the Re-Usable data asset model.
• Establish CDM Elastic data pipeline connection with the Re-Usable data asset model.
• Develop an integrator between Splunk and Xacta.IO and CDM Elastic.
• Buildout Data Warehouses/ data models:
• Tag Data o Buildout data pipelines in Splunk o Establish data pipeline connections o Develop Integrators/Integrations (between Splunk, DbConnect, Splunk, Xacta)
• Aggregate various types of data
• Create Key Value pairs o ETL coding o Buildout Dashboards
• Configure notable event actions, action menus and Adaptive Responses.
• Data onboarding and data ingestion normalization recommendations.
• Strong knowledge of security risk procedures, security patterns, authentication technologies and security attack pathologies.
• Develop, evaluate, and document, specific metrics for management purposes.
• Create Dashboards to monitor the traffic volumes, response times, errors, and warnings across various data centers.
• Monitor the web portals, log files and databases.
• Design and Develop Splunk for routine use.
• Solve complex Integration challenges and debug complex configuration issues.
• Consult with stakeholders to establish, maintain and refresh their strategic direction in cloud adoption.
• Become knowledgeable on the CDM technical requirements for the federal government's CDM program. Understand your role in CDM activities.
• Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access.
• Design, manage, and maintain enterprise SIEM infrastructure to improve data ingestion processes, including architectural work on data pipelines to ensure optimal flow of data.

Basic Qualifications:

Minimum knowledge, skills, abilities needed.

• Experience using customer-focused Splunk Data Pipelining SIEM engineering background
• Experience in a senior Splunk role working in a Splunk clustered environment supporting SOC or NOC environments
• Experience with Splunk Common Information Model (CIM) and Enterprise Analytic.
• Experience in automating Splunk Deployments and orchestration within a Cloud environment.

At least 4 years of experience with:

• In-depth knowledge of designing, upgrading, maintaining, and implementing network devices on a large-scale enterprise
• Direct experience with Splunk Engineering and data integration
• Prior SIEM data modelling experience on similar platform at scale (>50 servers)
• Scripting and development skills in Python/Perl with deep comprehension of regular expressions
• Coordination and communication with other remotely deployed team members
• Developing documentation with processes and procedures o Proposing, implementing automation features in a large enterprise environment
• At least 3 years of experience with Linux and SQL/ODBC interfaces
• At least 2 years of experience with data transport and transformation APIs and technologies such as JSON, XML, XSLT, JDBC, SOAP and REST.
• Hold active Splunk Core Certifications of at least Splunk Architect
• Minimum of 3 year of experience in developing and tailoring reporting from network security tools.

NetVision Resources, Inc. (NVR) is a fast growing, IS9001, IS20000, CMMI DEV/2, MBE certified technology consulting and software development firm, based out of the DC Metro area. To know more, please visit: www.netvisionresources.com