Full Time, Employee

Harrisburg PA

  1. Overview: Splunk Administrator.

  2. Project Scope: This position is part of a team responsible for administering the Splunk system as directed by the Splunk Architect and Enterprise Monitoring manager. This position supports, maintains, and documents the Splunk system which is critical in supporting day to day enterprise system logging for the agency.

  3. Deliverables:
  • Produce, publish and maintain documentation adhering to department protocol.  Thoroughly document system configuration and changes.  Coordinate with network, database and server administrators to prepare non-production and production environments for new or enhanced systems, processes or applications.
  • Participate in system installation, upgrades/patches, configuration and tuning.
  • Create and maintain reports, scripts, programs or other tools within the Splunk system to maintain system health and integrity.
  • Define and maintain system and monitor application security.
  • Follow the Security Technical Implementation Guide (STIG) methodology for standardized secure installation and maintenance of computer software and hardware.
  • Administration of all aspects of all Splunk environments
    i. Implement and maintain Splunk infrastructures and configurations
    ii. Monitor all systems, applications, hosts, data ingestion, forwarder status, system health, etc.
    iii. System management for clustering, deployment, licensing, and other server functions.
    iv. All forwarder interactions with systems
    v. Manage and create applications for all of the above.
    vi. Collect and assess system metrics.
  • Customer interaction to determine requirements and success factors for requests
    i. Assesses customer requests
    ii. Provides guidance and training to customers
    iii. Customer 1st level support, acts as interface between customers and Splunk team
  • Create and maintain manageable processes and documentation for all aspects of administration and development.
  • Assist the Splunk team with development of new applications, views, dashboards, reports, alerts, data collection, scheduling of alerts and reports.
  • Assist with the development and implementation of document configuration standards, policies and procedures for operating, managing and ensuring the security of Splunk infrastructure.
  • Collaborate with other teams to establish optimally functioning processes for system optimization, incident management, development practices, etc.
  • Collaborate with architects, designers, requirements analysts, database and system administrators and developers on system and application design.
  • Promote changes and releases through the various test, quality assurance and production systems. Export, import, build and deploy various system configurations and components.
  • Enterprise Monitoring systems and applications problem resolutions and production support.
  • Research and troubleshoot the most complex technical issues causing the unavailability of systems or applications for users and provide expertise for resolution.  Collaborate with vendor and internal support areas.
  • Document the cause and resolution of outages.

For more about this position, an SGC representative will be in touch immediately.