Junior Splunk Analyst

Benefits

Pulled from the full job description

Full job description

Objective/Purpose- Brief Synopsis - This position is for a Junior Splunk analyst. The primary scope of duties are providing Junior Splunk analyst, maintenance, and reporting support to multiple EOUSA Splunk distributed enterprise environments (PROD, TEST, POC).

Background/Project Description The Executive Office for United States Attorneys (EOUSA) is responsible for providing administrative, technical and legal support to all 94 United States Attorneys' offices (USAOs) located in over 200 geographically dispersed sites throughout the continental United States, Alaska, Guam, the Mariana Islands, Puerto Rico, Hawaii, and the U.S. Virgin Islands. The EOUSA Enterprise End-User Technology (EEUT), Telecommunications and Technology Development (TTD), Enterprise Application Development (EAD) and Cybersecurity Service (CS) staffs provide for the identification and analysis of the business needs/requirements to USAOs necessary for the design, development, and deployment of secure office automation, wide and local area networking, case management and other applications.

Splunk is a highly scalable engine for machine generated IT data that collects, indexes, and harnesses data from across physical, virtual, or cloud infrastructures in real time. Unstructured machine data is given structure through time-based indexing so that analytics can be applied to that data to gain insight and understanding. Splunk captures and monitors real-time data streams from applications, network devices, hosts, security devices and software. In addition to real-time streams, Splunk analyzes historical data looking for trends, patterns, and anomalies. Splunk supports continuous monitoring and also delivers a security-related context you can apply to any event from any layer of an IT infrastructure, and using Splunk will avoid and prevent business impacting incidents through visibility and proactive monitoring.

Scope of Work and Requirements - The Contractor shall provide a qualified Junior Splunk Analyst (JSA) who meets the Government's requirements listed below. The JSA shall have experience in defining security, utilization, and performance requirements for local and wide area networks. The JSA shall be proficient in implementing solutions that align with the Government’s security / monitoring systems and requirements. The JSA shall be proficient in the SPLUNK platform, familiar with Ansible, Python, and PowerShell scripting, Internet Proxy Logs, RSA, Windows Active Directory, Windows Servers, Red Hat Enterprise Linux Servers, and capacity planning in Windows/ Linux environments.

The Junior Splunk Engineer shall, under the guidance of the Network Operations IT Program Manager, be responsible for the daily operations and maintenance of the EOUSA/NOS Splunk deployment, to include:

· Perform daily administrative tasks to manage Splunk datasets and storage utilization. This includes monitoring automated backup tasks, manually backing up data if necessary, monitoring storage utilization on Splunk servers in all environments as well as network attached storage.

· Maintain Splunk Knowledgebase by updating existing and creating new KB articles as identified by the team.

· Create and update Splunk resources including saved searches, visualizations, alerts, dashboards and any other ad hoc deliverables as needed.

· Interface with user community and provide first level of support to troubleshoot issues or assist with any other Splunk requirements.

· Coordinate with, accept tasking from, accept guidance from, and collaborate on priorities with Senior Splunk engineer / Task lead.

· Participate in periodic stand-up task meetings. Frequency may be daily or multiple times per week based on projects in process.

· Create Splunk reports and dashboards as identified as needed based on enterprise customer requirements or internal team needs.

· Assist in creating, updating, and documenting Ansible playbooks (scripts) used to automate tasks and workflows (groups of tasks) within the Splunk environments.

· Manage Splunk lookups by verifying that automated jobs are updating lookup tables properly as well making adhoc changes as necessary.

· Monitor, administer and maintain accessibility to Splunk components including search heads, indexers, deployers, cluster masters, forwarders and syslog servers for continuous production environment uptime

· Coordinating with various components within EOUSA and DOJ to troubleshoot issues

· Manage and secure RHEL and Windows servers for Splunk platform including patches and access controls.

· Assist team with reviewing/assessing/implementing new data sources, ie: syslog, scripted input, db inputs

· Working with IT Managers to validate data and provide training on new dashboard enhancements

· Assist with maintaining existing PowerShell / Python / C# scripts and creating new scripts as needed

· Assist with integrating various data sets into Splunk and creating new dashboards to ensure the confidentiality, integrity, security and availability of the USAO WAN

· Provide a weekly Progress/Exceptions Report to include a list of tasks assigned, completed, and pending.

Period of Performance- 1 October 2025 – 30 September 2026.

Place of Performance- 175 N St. NE, Washington DC 20530 or 1600 Hampton Street, Columbia SC

Equipment furnished:

The government/client will provide equipment to complete job.

Security Requirements - All personnel, including the support required by this initiative, must be United States Citizens, and must meet the DOJ Residency Requirement. It is the responsibility of the Contractor to assure that proposed employees for each aspect of this task have met federal investigative standards and are suitable for employment and/or access to national security information. Certification of requirements from either the Office of Personnel Management (OPM) or the Defense Industrial Security Clearance Office (DISCO) will be required. The minimum investigation required is to be cleared for a BI and can be expected to hold up to a Top Secret clearance. The minimum investigation required is to be cleared to hold Secret clearance. A DD254 can be found at Attachment (7) of the basic order. Contractors shall agree to comply with the NISPOM.

Pay: $50,000.00 - $60,000.00 per year

Benefits:

• 401(k)
• 401(k) matching
• Dental insurance
• Health insurance
• Life insurance
• Paid time off
• Professional development assistance
• Vision insurance

Work Location: In person