Job Description
Job Overview
We are looking for a dynamic and dedicated Senior Splunk Engineer to support our Federal customer's mission in Washington, DC. The role will provide support for our customer's Accounting and Technology Services (ATS). The ATS is responsible for maintaining our customer's data repositories. The Senior Splunk Engineer will be responsible for designing, implementing, and optimizing Splunk solutions to support cybersecurity, compliance, and operational visibility across government systems. The role will lead efforts in log ingestion, correlation rule development, dashboard creation, and performance tuning while ensuring alignment with federal security standards.
Core responsibilities include (but are not limited to):
- Lead the deployment and configuration of Splunk Enterprise or Splunk Cloud solutions, ensuring scalability, high availability, and compliance with federal IT standards.
- Create custom dashboards, reports, and alerts to support security operations, system monitoring, and compliance reporting.
- Ingest and normalize data from diverse sources (e.g., syslogs, APIs, cloud services) using props, transforms, and field extractions.
- Collaborate with cybersecurity teams to develop correlation searches, threat detection use cases, and support incident response efforts aligned with NIST and other federal frameworks.
- Provide technical guidance to junior engineers and maintain thorough documentation of configurations, processes, and best practices.
Requirements
- Active Top Secret Clearance with the ability to pass a Lifestyle Polygraph
- Bachelor's Degree in Physics, Mathematics, Information Technology, Computer Science, Business, or related discipline
- Eight years of relevant professional experience in the applicable technologies.
- Proficient in designing, implementing, and managing Splunk environments, including cluster architecture.
- Advanced knowledge of Splunk Search Processing Language (SPL)
- Expertise in developing complex queries, dashboards, and reports using SPL.
- Ability to optimize searches for performance and scalability.
- Strong experience in data onboarding, parsing, and indexing, including log management and extraction of meaningful metrics.
- Familiar with various data input methods like Syslog, HTTP Event Collectors (HEC), and APIs.
- Knowledge of Splunk Enterprise Security (ES) and/or IT Service Intelligence (ITSI)
- Experience in configuring and managing Splunk ES and/or ITSI modules.
- Understanding of security information and event management (SIEM) concepts.
- Proficiency with REST APIs and other scripting tools (e.g. Python, Bash) to automate tasks and integrations.
- In-depth knowledge of Linux/Unix systems administration, including shell scripting and performance tuning.
- Familiarity with cloud platforms (AWS and/or Azure) and experience managing Splunk in cloud environments.
- Ability to troubleshoot and resolve Splunk performance issues.
- Experience with scaling Splunk in large environments and ensuring high availability.
EEO Compliance:
Ryde is an Equal Employment Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other characteristic protected by law. Ryde will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law.