Splunk Cyber Security SME

Splunk Cyber Security SME - (Remote)

USPS is seeking an experienced Splunk Subject Matter Expert with strong Engineering skills to join our dynamic team. The ideal candidate will be responsible for designing, deploying, and maintaining on-premises and cloud based Splunk environments to support enterprise-level monitoring, alerting, and reporting. This role demands deep expertise in Splunk system architecture, design, implementation, configuration and operational support in a hybrid on-prem Unix/Linux and cloud-based environment. Candidates must be able to collaborate across DevOps, Security, and IT teams to optimize performance, ensure data integrity, system availability and support mission-critical operations. Proven hands-on experience with a large enterprise wide Splunk environment is mandatory. Off-hours and weekend efforts for systems maintenance, upgrades and support may be required from time to time.

Required Skills:
* 5+ Years of Splunk Experience Required
* Manages knowledge objects (fields, extractions, tags, event types, lookups, workflow actions, aliases, macros, and so on) - through automations, scripting, management server functions; to include .conf and .cfg files in scope of the last four Splunk Enterprise versions
* Experience with Splunk deployment and configuration management in large-scale environments
* Proficiency in writing complex Splunk queries, dashboards, and alerts using SPL (Search Processing Language)
* Experience with REST APIs for Splunk and external system integration
* Ability to analyze and troubleshoot complex data ingestion and parsing issues
* Designing and developing an automations workflow and dashboard interface for such
* Self-starter with a service-oriented mindset who will take action, find ways to solve problems, and move projects to conclusion independently
* Strong problem-solving skills and the ability to translate research insights into practical solutions that address real-world challenges.
* Strong communication and collaboration skills with the ability to articulate complex technical concepts to both technical and non-technical audiences.
* Experience in mentoring and guiding junior researchers or team members

Preferred Skills:
* Ability to leverage the Splunk AI Assistant and other AI tools to increase accuracy and efficiency of task and other deliverables
* Advanced knowledge of Unix/Linux and/or Windows systems administration and troubleshooting
* Strong scripting skills in Bash, Python, JavaScript, SQL and PowerShell for automation and integration tasks
* Experience with Splunk upgrades, patching, and performance tuning
* Proficiency in integrating Splunk with cloud platforms (AWS, GCP, Azure)
* Understanding of security and compliance requirements and implementation of role-based access controls (RBAC) in Splunk
* Strong knowledge of logging standards and best practices across application and infrastructure layers
* Extensive knowledge of defense-in-depth principles, Network and Security architecture, network topology, IT device integrity, and common security elements.
* Executes new projects as well as data and user onboarding
* Strong understanding of IT and Cyber industry standards and technologies to include such controls governed by NIST, FISMA, and FedRamp
* Experience installing and utilizing and developing with the Splunk App for Data Science and Deep Learning.
* Experience installing and utilizing and developing with the Splunk SOAR Automation toolset
* Experience or background in the Cybersecurity, Systems/Network Administration or Observability industry

Experience:
o A minimum of eight (8) to twelve (12) years' relevant experience.
o A degree from an accredited College/University in the applicable field of services is required. If the individual's degree is not in the applicable field then four additional years of related experience is required.
o Typically performs all functional duties independently.
o Note: Special credentials (licenses and/or certifications) may be required at the Task Order level on a case-specific basis.

Additional Provisions:
* Pass a client mandated clearance process to include drug screening, criminal history check and credit check.
* Once candidate's resume is approved and interview passed, the agency is responsible for providing drug screening. Failure to submit the drug screening results will delay the security clearance process.
* If a candidate is given an interim clearance, continuation of employment is then based on the candidate receiving a sensitive clearance.
* All candidates must be a US Citizen or permanent status Green Card holder.
* Cannot have more than 6 months travel outside the United States within the last five years. Military Service excluded. (Exception does not include military family members.)
* All overtime must be pre-approved in writing by the client manager or his/her designated representative.
* Agency will not be reimbursed for overtime charges without previous written authorization. Authorized overtime will be reimbursed at straight time.
* The enforced dress code is business casual, i.e., collared shirt with slacks for men, no skirts above the knee for women.