  • Location: Tysons, Virginia
  • Type: Direct Hire
  • Job #899


RavenTek is seeking a Splunk Engineer to support a great customer with the following responsibilities:


  • Be responsible for advanced security event detection and threat analysis for complex and/or escalated security events.
  • Provide log/network/malware/device analysis and make recommendations for remediation of security vulnerability conditions.
  • Validate log sources and indexed data, search through indexed data to optimize search criteria.
  • Add Customer Context, eliminate noise and false positives, and develop trends and data models.
  • Distill Customer intelligence feeds; use cases, trends, and data models.
  • Create custom alert schema, reports, and custom dashboards.



Job Requirements:


Required Security Clearance: TS/SCI with FSP


Qualification Requirements:

  • Familiarity with server-side scripting
  • Drive complex deployments of Splunk dashboards and reports while working side by side with the customers to solve their unique problems across a variety of use cases
  • Assist internal users of Splunk in designing and maintaining production-quality dashboards.
  • Experience in design, implementation, and support of Splunk (Indexers, Forwarders, Search-Heads Setup etc.)
  • Experience with implementing and administering Splunk.
  • Good understanding with virtualization technologies (Hypervisor, VMware, etc.)
  • Apps/Dashboards for license usage and Application errors.
  • Experience with Linux and Windows agents for Splunk administration with a solid understanding of the Splunk system.
  • Ability to create operations documentation for maintaining the Splunk infrastructure.
  • Setting up Splunk Forwarding for new application tiers introduced into the environment.
  • Identifying bad searches/dashboards and partnering with the creators to improve performance.
  • Troubleshooting Splunk performance issues / Opening support cases with Splunk.
  • Monitor the Splunk infrastructure for capacity planning and optimization.
  • Troubleshoot log feeds, field extractions, search time, etc.
  • Provide Granular, Role-based Security.
  • Restrict access to sensitive logs/data
  • Experience in onboarding new data, inputting new information, creating new dashboards, and extracting information through Splunk
  • Report generation and customization


Required Education and Experience:

  • Bachelor’s Degree in Computer Science or Engineering or equivalent experience.
  • Five to seven years of relevant experience


Preferred Qualifications:

Splunk Admin Certification

Experience with databases.


Employment Type: Full Time / Permanent


Working Conditions:

  • Business work hours are on site and set from Monday through Friday, 40 hours a week.
  • May be required to meet a COVID vaccine or negative testing requirement.


Physical Requirements:

Employee needs to be able to sit at a workstation for extended periods; use hand(s) to handle or feel objects, tools, or controls; reach with hands and arms; talk and hear. Most positions require ability to work on desktop or laptop computer for extended periods of time reading, reviewing/analyzing information, and providing recommendations, summaries and/or reports in written format. Must be able to effectively communicate with others verbally and in writing. Employee may be required to occasionally lift and/or move moderate amounts of weight, typically less than 20 pounds. Regular and predictable attendance is essential.

Background Screening/Check/Investigation:

Successful Completion of a Background Screening/Check/Investigation will/may be required as a condition of hire.

