Description

Leidos is seeking a Splunk Developer to join a large IC DoD customer contract. Leidos is building a new team to transform our customer spaces. We are looking for a concerted and forward leaning individual who wants to tackle challenges and be a part of creating innovative solutions. In return, Leidos will invest in you with a new enhanced leave plan, generous 401k, and training to name just a few great benefits. Ready to tackle your next challenge - then we want you on our team. In this role, your responsibility will be to manage the data sources ingested by the system and work with stakeholders to devise effective ways of displaying information useful to the user.

Why Leidos?

• Leidos Life promotes excellent work-life balance. You can make an impact and have time for your well-being.
• Leidos offers many opportunities for career development and advancement.
• Learn more about the benefits we offer: https://www.leidos.com/careers/pay-benefits.

• Gather stakeholder requirements for Splunk dashboard reporting capabilities, including the data sources required to compute the dashboard
• Uses centralized and peripheral databases, content management, records management systems and shapes workflow and processes.
• Manages data sources used by the stakeholders.
• Develops data correlation use cases and helps design dashboards for use by stakeholders.
• Compiles reports on performance and usage metrics and future requirements for existing Splunk Reporting capabilities including, but not limited to, search, discovery, storage and retrieval of data and formal production and taskings.
• Coordinate access to additional data source by working with data owners.
• Manages data onboarding and defining configurations
• Performs data interpretation, classification, and enrichment
• Builds data models
• Manages knowledge objects (fields, extractions, tags, event types, lookups, workflow actions, aliases, macros, and so on)
• Experience with basic Splunk Search Processing Language (SPL)
• Strong understanding of Splunk platform configuration, web UI and Common Information Model
• Basic understanding of regular expressions

• Working knowledge of the concepts involved in the specific functions outlined in the specified labor category description.
• Demonstrates ability to use logic when evaluating and synthesizing multiple sources of information.
• Demonstrates ability to produce timely, logical, and concise analytic reports, documents, assessments, studies, and briefing materials.
• Demonstrates understanding of evaluation collected intelligence reporting, engaging with collection managers and developing collection requirement.
• Extensive experience with Splunk IT Service Intelligence (ITSI)
• Extensive experience with service tree development, KPI creation and threshold tuning, and dashboard development (ad hoc, glass tables etc.)
• Experience with customizing Splunk Universal Forwarder configurations to add, remove, and tune ingest for various OS types (Windows, Linux, MacOS, Unix etc.)
• Experience with Splunk Heavy Forwarder configurations
• Familiarity with IT Service Management (ITSM) ticketing platforms, such as ServiceNow or Remedy, for tracking incidents and submitting change requests
• Familiarity with CRIBL for data ingest reductions

• Bachelor's degree with 8 years of relevant experience, Masters degree with 6 years. Education equivalency of Associate's with 10 years of related experience or High School Diploma with 12 years of related experience can be used in lieu of Bachelor's degree.

• Due to the nature of the government contracts we support, US Citizenship is required.
• TS/SCI with specific polygraph required or TS/SCI and willing to obtain and maintain a specific polygraph.

• Candidate must, at a minimum, meet DoDM 8140.03 (previously DoD 8570) - IT System Admin Intermediate certification requirements (Cloud+, GICSP, SSCP, Security+ CE, GSEC, or higher)
• Splunk Power User or higher