Job Information
ManpowerGroup Senior Splunk Administrator in Culpeper, Virginia
Experis IT is partnered with the world's leading provider of secure financial messaging services in their search for a Senior Splunk Administrator to join their team in Culpeper, VA.
Our partner’s Cyber Fusion Center is seeking an experienced Senior Splunk Administrator to assist with log ingestion and normalization and improving efficiencies in the current Splunk design.
Must Haves:
This role requires working onsite no less than 2 days a week in Culpeper, VA.
Splunk Enterprise Certified Admin or other relevant credentials.
Industry certifications such as GDAT or GMON.
Experience with other cyber security tools and technologies.
Proficiency in scripting languages such as Python, Bash.
Role Responsibilities:
Data Engineering
Onboard data to Splunk via forwarder, scripted inputs, TCP/UDP, and modular inputs from a variety of sources.
Develop and implement strategies to normalize current and future log data, making it consistent and usable for analysis.
Assess existing Splunk data feeds and implement changes to improve overall SIEM health and align with best practice.
Diagnose and resolve issues related to log ingestion and normalization.
Administration & Support
Provide operations and maintenance support for a distributed Splunk environment consisting of heavy forwarders, indexers, and search head servers.
Build, implement, and administer Splunk in Linux environments.
Work with existing and custom Splunk applications and add-ons to fulfil customer needs.
Edit and maintain Splunk configuration files and applications.
Maintain comprehensive documentation of log onboarding and normalization processes.
Support security operational teams.
Required Qualifications:
Splunk
4+ years of hands-on experience with Splunk Enterprise engineering and administration: deployment, troubleshooting, data onboarding, and maintenance in a clustered environment.
Experience with Splunk data ingestion methods, including forwarders, HTTP Event Collector (HEC), and scripted inputs.
Experience implementing CIM compliance and optimizing Splunk data models.
Proficiency in SPL.
In-depth knowledge of various log formats (e.g., syslog, JSON).
IT & Security Principles
3+ years of experience with Linux OS, services, daemons, and VMs.
Solid understanding of IT infrastructure, including networking, operating systems, and security principles.
Solid understanding of security operations and common log source requirements for security appliances and endpoints.
Ability to follow Change & Configuration Management, utilizing automation tools, such as Git.
ManpowerGroup is committed to providing equal employment opportunities in a professional, high quality work environment. It is the policy of ManpowerGroup and all of its subsidiaries to recruit, train, promote, transfer, pay and take all employment actions without regard to an employee's race, color, national origin, ancestry, sex, sexual orientation, gender identity, genetic information, religion, age, disability, protected veteran status, or any other basis protected by applicable law.