TitleSplunk Engineer
Department NameGovernment Solutions
Windward Consulting is at the forefront of Service-Centric IT.  With strategic consulting, unparalleled technical expertise and our proven Windward Service-Centric IT RoadMap, we help our clients align the core competencies of process, organization, information and technology to run the most sensitive and mission-critical IT environments in the world.
Our consultants solve our clients’ most challenging problems, uncovering answers to questions they didn't even know.  Only apply if you have a thirst to learn new technologies and thrive in a fast-paced environment. We work with the US Government as well as Fortune 500 clients, and our employees are not only passionate and driven, but strive to ensure customer quality is delivered consistently and effectively.

If you are looking for an opportunity to be involved with a team of individuals who are working within one of our cutting-edge clients solving complex technical challenges then we are looking for you. We are looking for people who are passionate about technology and have a "roll up their sleeves mentality". Here at Windward we offer numerous opportunities to expand your experience in various areas depending upon your aptitude and interests. Our employees are not only passionate and driven, but strive to ensure customer quality is delivered consistently and effectively.  

We are currently looking for a Splunk Engineer who will execute the implementation of Splunk and implement the stack of Network Security devices for the customer, and provide documentation, configuration, and training of resources.  The customer is The Federal Retirement Thrift Investment Board was established as an independent agency of the United States government by the Federal Employees Retirement System Act of 1986. It has roughly 270 employees. It was established to administer the Thrift Savings Plan, which is a retirement savings and investment plan for Federal employees and members of the uniformed services, including the Ready Reserve. The Thrift Savings Plan is a tax-deferred defined contribution plan similar to a private sector 401(k)plan. The Thrift Savings Plan is one of the three parts of the Federal Employees Retirement System, and is the largest defined contribution plan in the world with over 5 million participants and assets worth over $500 billion. The board members and its chairman are nominated by the president and confirmed by the United States Senate. The current chairman is Michael Kennedy.[1]
Job Duties:

Provide technical leadership in a large complex environments to include Splunk Engineering, SOC operations, Technical Writing, and Training. 

Position Qualifications:
Be prepared to fulfil the following:
Splunk Engineering 
  • Integrate and customize Splunk apps 
  • Ingest logs into Splunk from databases and applications (includes non-COTS applications); develop custom parsers as needed 
  • Create Knowledge Objects (dashboards, alerts, reports, field extraction, data models, workflow actions,
  • CSV, and external lookups) 
  • Tune Splunk to optimize performance 
  • Troubleshoot issues related to searching, licensing, and errors 
  • Help setup Splunk User Behavior Analytics (UBA) 
  • Support upgrades, deployments, and modifications to Splunk and all Splunk architecture 
SOC Operations: 
  • Develop custom Splunk ES correlation searches & tune notable events 
  • Optimize and tune current dashboards 
  • Create new dashboards based on new feeds and tune over a period of time 
  • Correlate event logs to create more targeted dashboards and alerts 
  • Set up advanced searches and reports 
  • Create knowledge objects specific to SOC operations 
  • Create prioritized list of assets within Splunk and related live dashboards and notification 
  • Set up live data pull from external intelligence sites and integrate with correlation searches 
Technical Writing 
  • Document the Splunk deployment and configuration (architecture documentation & diagrams) 
  • Document the specific SOPs, including: 
    i) Splunk System Recovery Plan 
    ii) Archival procedures 
    iii) Specific environmental differences from Splunk User Guide 
    iv) Security Operations Center (SOC) specific use of Splunk in the customer environment 
    (1) Feed ingestion procedures (how to request new feeds) 
    (2) Access Request procedures 
    (3) Provide insight & recommendations for additional SOPs 
    c) Develop Splunk RBAC model Document the hardware configuration on which Splunk is deployed 
    d) Document Network Flows & create diagrams 
    e) Weekly status reports on all work executed, deliverables developed/submitted, and work planned for next period 
    f) Use-case development 
    g) Work with Audit and Assessment teams to validate controls and architecture deployment 
    h) Support the identification and documentation of data sources 
    i) Document existing retention policies, availability, searching capability, etc. 
  • Provide admin training using Splunk best practices 
  • Provide tuning training using Splunk best practices 
  • Provide training to Splunk front end users

Desired Skills:
  • Ability to define, influence, and communicate technical direction, to make decisions, and to work autonomously in order to ensure the successful implementation of MuleSoft technology
  • Ability to understand and clarify complex business integration requirements
  • Ability to create eloquent, scalable, manageable designs, utilizing the MuleSoft Anypoint Platform
  • Ability to explain complex technical issues to project managers, developers, and architects in an easy to understand manner, as well as recommend thoughtful solutions
  • Ability to participate in the continuous improvement of MuleSoft products by making technical contributions and by providing critical updates from the field
  • Ability to implement technical solutions for enterprise systems and build trust with customers in MuleSoft’s ability to meet their business requirements
  • Ability to lead small development teams in multi-phase, heterogeneous work environments with multiple work streams
  • Ability to actively test and clearly document implementations so others can understand the requirements, implementation, and test conditions
Education and Preferred Experience:
This is a senior role, the resource must be able to be able to fully execute all of the work as described and have relevant real-world, hands on experience (4+ years’ experience at Splunk)
  • Must be a Splunk Certified Consultant I & II 
  • Must have formal arrangement with Splunk to have reach back access to Splunk Engineers, Splunk Subject Matter Experts, Splunk Best Practices Managers, and the broader Splunk team.  
  • Resource must be able to obtain a public trust (high). 
  • Resource must have a strong understanding of FISMA and NIST standards 
  • Experience configuring switches, routers, and storage devices. 
  • Ability to communicate IT, networking, and security concepts to personnel at all levels of experience and responsibility 
  • Strong time management and multitasking skills as well as attention to detail 
  • Experience working with multiple high priority tasks simultaneously 
  • Comfortable identifying and defining system security requirements 
  • Excellent oral and written communications skills, including writing comprehensive reports and white papers 
  • Experience as a government contractor 
  • Bachelor’s degree or higher in a technical field such as Computer Science, Information Security, Information Technology, Comp
Security Clearance:
  • None
Work Location:
  • FRTIB HQs, Washington DC
Windward strives to attract and retain the best individuals and provide an environment where they can all grow professionally and build a rewarding career. We continually strive to create an environment that balances work life and offers benefits that will enhance the compensation package. We offer Medical, Dental, Vision, Flexible Spending Accounts, Short Term Disability, Long Term Disability, Life Insurance and AD&D, as well as the option to purchase additional Life Insurance and AD&D, Paid Time Off, Personal Leave, Holidays, 401(k) plan with company match and work/life balance.

Windward is proud to be an Equal Opportunity Employer. Applicants are considered for all positions without regard to race, color, religion, sex, national origin, age, disability, sexual orientation, ancestry, marital or veteran status.