• Splunk Engineer

    Job Locations US-DC | US-Nationwide
    Posted Date 2 weeks ago(8/8/2019 4:13 PM)
    # of Openings
    Technology Consulting
  • Overview

    Focal Point Data Risk is a new type of risk management firm, one that delivers a unified approach to addressing data risk through a unique combination of service offerings. Focal Point has brought together industry-leading expertise in cyber security, internal audit, identity governance and access management, data privacy and analytics, and hands-on training services. By integrating these services, Focal Point provides clients with the scalable support they need to protect their assets and leverage data across their organizations. Simply put, Focal Point is the next generation of risk management.


    The Splunk Engineer will provide support for design, architecture, development, unit test, deployment, installation, configuration, integration, operation, and maintenance supporting the expansion of the environment to include architecting Search Head, Indexer, and Forwarder instances needed to service the expanding enterprise demand expected on the Splunk System.


    • Splunk infrastructure and application administration
    • Splunk ingestion, connector and syslog engineering/management and support across applications, server, database, and mainframe systems
    • Support for Guardium SQL database auditing ingestion into Splunk
    • Advanced event analysis and use of Splunk as a business tool
    • Communications with stakeholders and customers to understand and address business requirements and expectations for the use of Splunk.
    • Content use cases, categorization files, filters, reports, queries, dashboards, rules, and Active Channels depending on the COTS product
    • Architecting and deploying clustered/distributed Splunk Enterprise 7. x implementations to large, complex customers.
    • Administering Splunk and Splunk Apps to include developing new/custom Apps to perform specialized functionality.
    • Integrating Splunk with a wide variety of legacy data sources and industry leading commercial security tools that use various protocols.
    • Consulting with customers to customize and configure Splunk in order to meet their requirements.
    • Performing advanced searching and reporting to help customers with the implementation specialized/custom dashboards.
    • Performing maintenance and optimization of existing clustered Splunk deployments.
    • Communicating with customer stake holders to include leadership, support teams, and system administrators.
    • Technical writing/creation of formal documentation such as reports, training material, slide decks, and architecture diagrams.
    • Gathering and analyzing security specific requirements for log ingestion and creating appropriate Splunk indexes
    • Identifying gaps in the security logging architecture and developing solutions to best address any identified gaps
    • Work with multiple teams to develop use cases and dashboards for all levels of management
    • Performing root cause analysis on any operational security issues


    • Expertise with Splunk Enterprise and ability to demonstrate support for premium solutions such as Enterprise Security, User Behavior Analytics, and IT Service Intelligence
    • Requirements analysis, data modeling, and implementation of the Splunk Enterprise Security, User Behavior Analytics and IT Service Intelligence solutions from Splunk.
    • Minimum of 0-2 years supporting Splunk
    • Demonstrated ability to support multiple instances and modules of Splunk
    • Experience in implementation of Glass Tables via ITSI is Needed.
    • Experience with software development, system architecture, and/or databases a plus.
    • Splunk admin certification or higher (preferred)
    • As our client is a US government agency, US citizenship is required for the role.
    • Candidates must be currently based in the DC area or able to travel 50-60%.


    Focal Point is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.  If you’d like to view a copy of the company’s affirmative action plan or policy statement, please email hr@focal-point.com.  If you are an individual with a disability and would like to request a reasonable accommodation as part of the employment selection process, please contact Chelsea Campbell at 813-402-1208 or recruiting@focal-point.comThis telephone line and email address is reserved solely for job seekers with disabilities requesting accessibility assistance or an accommodation in the job application process. Please do not call about the status of your job application if you do not require accessibility assistance or an accommodation. Messages left for other purposes, such as following up on an application or non-disability related technical issues, will not receive a response.


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed