SAIC
SAIC is seeking a
Splunk Administrator
to support our customer site in
North Charleston, SC
or
New Orleans, LA .
The Splunk Administrator will support the Cloud CITI Splunk Team under the Service Delivery IPT. The position is responsible for administration, maintenance, and enhancement of the Splunk platform, ensuring optimal performance and availability for mission‑critical security and business operations. The role supports multi‑environment (on‑premise NIPR/SIPR and cloud) deployments and integrates with enterprise tools including ServiceNow, eMASS, Tenable ACAS, Trellix ESS, SolarWinds, and EvaluateSTIG. The candidate will collaborate closely with mission owners, ISSM, and internal teams to support ingestion, analysis, alerting, reporting, and incident response activities.
Duties and Responsibilities
Install, configure, and maintain Splunk Enterprise software, Apps, and Add‑ons
Configure data inputs from servers, applications, and network devices
Manage indexes, parsing, and data normalization for multi‑tenant environments
Troubleshoot configuration, indexing, and performance issues
Develop dashboards, reports, alerts, and saved searches using SPL
Support data collection for security incident response and forensics
Create and maintain system documentation and configuration tracking
Manage user roles, RBAC permissions, and STIG compliance
Integrate Splunk with enterprise tools such as ServiceNow, Tenable ACAS, Trellix ESS, EvaluateSTIG, and eMASS
Support Enterprise Security (ES) and IT Service Intelligence (ITSI) modules for performance and security enhancement
Qualifications Required Experience
9 years of experience with a bachelor’s degree in Electrical, Electronic, or Computer Engineering; Computer Science; or Information Systems
Certifications
At least one of the following: CompTIA Security+, CompTIA Advanced Security Practitioner (CASP), Certified Information Systems Security Professional (CISSP)
Technical Skills
Strong understanding of DoD STIG and auditing/monitoring controls
Advanced knowledge of Splunk architecture, configuration, and optimization
Proficiency in Splunk Processing Language (SPL)
Experience with PowerShell, Bash, and Python for automation
Working knowledge of Windows, Linux, and networking principles
Familiarity with virtualization and Red Hat Enterprise Linux (RHEL)
MUST BE A US CITIZEN WITH AN ACTIVE SECRET CLEARANCE AND THE ABILITY TO OBTAIN A TOP SECRET
#J-18808-Ljbffr
Splunk Administrator
to support our customer site in
North Charleston, SC
or
New Orleans, LA .
The Splunk Administrator will support the Cloud CITI Splunk Team under the Service Delivery IPT. The position is responsible for administration, maintenance, and enhancement of the Splunk platform, ensuring optimal performance and availability for mission‑critical security and business operations. The role supports multi‑environment (on‑premise NIPR/SIPR and cloud) deployments and integrates with enterprise tools including ServiceNow, eMASS, Tenable ACAS, Trellix ESS, SolarWinds, and EvaluateSTIG. The candidate will collaborate closely with mission owners, ISSM, and internal teams to support ingestion, analysis, alerting, reporting, and incident response activities.
Duties and Responsibilities
Install, configure, and maintain Splunk Enterprise software, Apps, and Add‑ons
Configure data inputs from servers, applications, and network devices
Manage indexes, parsing, and data normalization for multi‑tenant environments
Troubleshoot configuration, indexing, and performance issues
Develop dashboards, reports, alerts, and saved searches using SPL
Support data collection for security incident response and forensics
Create and maintain system documentation and configuration tracking
Manage user roles, RBAC permissions, and STIG compliance
Integrate Splunk with enterprise tools such as ServiceNow, Tenable ACAS, Trellix ESS, EvaluateSTIG, and eMASS
Support Enterprise Security (ES) and IT Service Intelligence (ITSI) modules for performance and security enhancement
Qualifications Required Experience
9 years of experience with a bachelor’s degree in Electrical, Electronic, or Computer Engineering; Computer Science; or Information Systems
Certifications
At least one of the following: CompTIA Security+, CompTIA Advanced Security Practitioner (CASP), Certified Information Systems Security Professional (CISSP)
Technical Skills
Strong understanding of DoD STIG and auditing/monitoring controls
Advanced knowledge of Splunk architecture, configuration, and optimization
Proficiency in Splunk Processing Language (SPL)
Experience with PowerShell, Bash, and Python for automation
Working knowledge of Windows, Linux, and networking principles
Familiarity with virtualization and Red Hat Enterprise Linux (RHEL)
MUST BE A US CITIZEN WITH AN ACTIVE SECRET CLEARANCE AND THE ABILITY TO OBTAIN A TOP SECRET
#J-18808-Ljbffr