Y-12 National Security Complex · 18 hours ago
Splunk Engineer
Y-12 National Security Complex is dedicated to supporting missions vital to national and global security. They are seeking a Splunk Engineer who will be responsible for configuring, maintaining, and customizing Splunk Enterprise clusters, as well as managing analyst workflows and enriching data for enterprise security.
Manufacturing, Professional Services, Security
Responsibilities
Implements and maintains Splunk platform infrastructure (multi-cluster) and relevant configurations
Staffs help desk for Splunk platform system-related assistance and undertakes day-to-day operational and user support – as it relates to the administration of configuration items of the Splunk servers and Splunk SIM/SIEM software
Develops and customizes Splunk system core “splunkd” components, apps and dashboards and implements integration with external systems
Builds advanced visualizations and manages data onboarding and defining configurations
Builds data models and performs data interpretation, classification, and enrichment
Manages knowledge objects (fields, extractions, tags, event types, lookups, workflow actions, aliases, macros, and so on) – through automations, scripting, management server functions; to include .conf and .cfg files in scope of the last four Splunk Enterprise versions
Configures summary-based reports and data model acceleration
Executes new projects as well as data and user onboarding
Creates operations documentation for maintaining the Splunk infrastructure
Uses tools such as CRIBL to pre-process data to be ingested by Splunk
Qualification
Required
Bachelor's degree in a relevant discipline with a minimum of 5 years of relevant experience OR a Master's degree in a relevant discipline with a minimum of 3 years of relevant experience
Thirteen or more years of relevant education, training, and/or progressive experience may be considered to satisfy educational and years-of-experience requirements for this posting
Preferred
Masterful experience with Splunk Enterprise architecture components and supporting instances such as heavy and light forwarder nodes, load balancing, license management, configuration deployment manager, and centralized automations for distributed Splunk cluster architectures
Strong understanding of Splunk platform configuration, web UI and Common Information Model, .cfg and .conf files
Experience with Splunk Search Processing Language (SPL and SPL2), sub-searches and sub-queries, or batch commands, including native functions and the use of Python and Python libraries
Knowledge of Splunk solution expert as well as Splunkbase
Knowledge of Windows and *nix systems administration
Strong networking background and familiarity with common infrastructure technologies, with demonstrable knowledge of tuning Splunk architecture to meet the maximum performance characteristics of the topology limits
Experience with Windows and *nix operating systems supporting the Splunk Enterprise daemons, where tuning performance settings is expected to be second nature, allowing the most secure and performant Splunk systems environment
Strong understanding of IT and cyber industry standards and technologies, including controls governed by NIST, FISMA, and FedRAMP
Hold at least one of the following certifications: Splunk Enterprise Certified Admin, Splunk Enterprise Security Certified Admin, Splunk Enterprise Certified Architect, Splunk Certified Cybersecurity Defense Engineer, or Splunk Cloud Certified Admin
Knowledge of DOE and NNSA mission and cybersecurity requirements
Knowledge of laws, policies, procedures, or governance relevant to cybersecurity for critical infrastructures. Familiar with NIST controls and FISMA controls and correct application theory
Familiar with Cloud Service Platform tenancies with which Splunk interoperates and/or operates with primacy
Experience with CRIBL for data transformation and pre-processing
Experience with Ansible and Red Hat Satellite for automation
Benefits
Medical plan
Prescription drug plan
Vision plan
Dental plan
Employer matched 401(k) savings plan
Disability coverage
Education reimbursement
Company
Y-12 National Security Complex
Y-12 National Security Complex is a premier manufacturing facility.
Funding
Current Stage
Late Stage