Support the CBP Enterprise through leading a team of engineers responsible for managing complex and distributed Splunk enterprise environments both on-premises and within the AWS cloud. Oversee the ingestion of various data across enterprise toolsets and applications, manipulate/parse this data into proper event formatting using Props, Transforms, and other means, and mobilize this data to meet the needs of the enterprise, using Search Processing Language and XML to create custom searches, dashboards, and alerts. Troubleshoot platform errors and maintain the overall performance and health of the enterprise platform. Create documentation to facilitate used by the team to maintain and manage the platform.

• 5+ years of experience serving as a Splunk Enterprise Administrator and/or Splunk Enterprise Architect
• 5+ years of experience as a system administrator
• 5+ years of experience with scripting and automation
• 5+ years of experience with cloud orchestration solutions such as Red Hat Anisble or AWS CloudFormation.
• 5+ years of experience with the AWS cloud environment
• Proficient in Linux

• CERTIFIED SPLUNK ARCHITECT II or CISSP REQUIRED*
• SECRET WITH TS ELIGIBILITY REQUIRED*