Managed Services Splunk Engineer

Own The Role:

Join North America’s Top Splunk Services Partner!  SP6 is seeking a highly motivated individual to join our growing Managed Services team. MS Splunk Engineers serve as the subject matter experts in advancing Splunk.

You will work and gain exposure in large multifaceted and intricate customer environments that have a multitude of different technologies. Additionally, you will work in collaboration with the engineers and analysts from SP6 customers to perform a wide array of tasks to ensure systems are secure, compliant, and performant.

How You'll Drive Success:

Deployment Maturity

• Creating Quarterly Customer Maturity Roadmaps
• Splunk Enterprise and app upgrades (to approved versions)
• Installation and configuration of Splunk-certified apps
• Creating and modifying roles and user group associations
• Modifying indexes and retention policy
• On-boarding new data sources
• Installation Splunk apps
• Re-architecture of Syslog aggregation for Splunk or extensive modification to Syslog configuration
• Re-architecture of authentication into Splunk
• Expanding log source collection of an existing source type
• Participating in Executive Business Reviews

Health & Performance

• Deployment health checks & architecture reviews
• System Performance Tuning 
• Troubleshooting issues within the Splunk environment, including silent log source monitoring
• Reducing license usage on data sources
• Periodic review of Errors/warnings reported by internal Splunk logs
  • Log normalization (CIM)
  • Custom script development

Security Expertise: 

• Creating Quarterly Customer Security Roadmaps
• Implement and maintain detection capabilities across Splunk deployments
• Assist customers in developing a comprehensive strategy for effective detection of malicious activity
• Coordinate with internal and external teams to improve the accuracy of detection capabilities and implement best practice mitigations and automated response capabilities
• Conduct detection gap analyses & customer security workshop calls
• Document and communicate detection capabilities and gaps clearly and effectively leveraging multiple industry frameworks including MITRE ATT&CK, the Cyber Kill Chain, and NIST
• Advice on data source prioritization
• Research and innovate net new mitigation, detection, and response capabilities given input from industry trends, customer feedback, and research
• Participating in Executive Business Reviews

To Be Successful:

• 1 year of Splunk Admin experience or Splunk Admin certification
• 3 years of system admin, IT operations, or related experience.
• Working knowledge of Linux (various flavors RedHat, Ubuntu, Centos, Debian, etc.)
• Good understanding of Networking concepts
• Working knowledge in Systems Administration / Engineering with Windows and/or Linux
• Strong problem solving and abstract reasoning abilities
• Hands-on troubleshooting/technical support/helpdesk experience
• Self-motivated with strong presentation skills and good verbal communication skills.
• Must be able to take extreme ownership(accountability) and seek constant improvement
• Must be customer-focused, team-oriented, and operate with integrity.
• Excellent verbal and written communication skills

Why SP6?

• Recognized as one of North America’s top professional service partners.
• The chance to be part of a winning team and a premier Splunk partner.
• Competitive salary and OTE. 
• 100% employer-paid health insurance (Gold-rated plan).
• 401(k) with company match.
• 30 days of annual paid time off (4 weeks Paid Time Off Holidays)
• Significant Training and Development and Certification attainment.
• Opportunity for long-term career advancement.
• Your contributions are felt and recognized by our growing company.

About SP6:

SP6 is a niche technology firm advising organizations on how to best leverage the combination of big data analytics and automation across distinct (3) practice areas:

• Cybersecurity Operations and Cyber Risk Management (including automated security compliance and security maturity assessments).
• Fraud detection and prevention
• IT and DevOps Observability and Site Reliability

Each of these distinct domains is supported by SP6 team members with subject matter expertise in their respective disciplines.

SP6 provides Professional Services as well as ongoing Co-Managed Services in each of these solution areas.  We also assist organizations in their evaluation and acquisition of appropriate technology tools and solutions.  SP6 operates across North America and Europe.

#LI-REMOTE