Splunk Administrator - Mid

We are seeking a skilled Mid-Level Splunk Administrator to support a mission-critical DISA program. The selected candidate will play a key role in maintaining and enhancing the operational integrity of the Splunk platform, enabling real-time security monitoring, operational visibility, and advanced analytics.

Requirements

• 3+ years of experience administering Splunk in an enterprise or DoD environment.
• Active DoD Secret clearance with eligibility for a Top Secret clearance.
• Proven experience with Splunk Enterprise administration, including search head clustering and indexer clustering.
• Strong understanding of Splunk data models, CIM compliance, and field extractions (regex, Splunk props/transforms).
• Experience onboarding data from security tools, network appliances, and infrastructure systems.
• Familiarity with Linux/Unix systems administration and shell scripting.
• Knowledge of DoD cybersecurity requirements (e.g., STIGs, RMF, NIST 800-53 controls).
• Experience supporting tickets and change requests through ITSM platforms (e.g., Remedy, ServiceNow).
• Excellent analytical, problem-solving, and communication skills.