[Hiring] Splunk SME consultant @Precision Solutions
Precision Solutions
Role Description
The part-time Splunk Subject Matter Expert will provide ongoing professional services for a long-standing federal customer. The customer requires 20 hours of Splunk SME support per year and needs an experienced consultant they can rely on for periodic upgrade, tuning, and over-the-shoulder advisory support. This work is entirely remote and does not require a clearance.
- 2 days upgrading the customer’s Splunk Enterprise Security SIEM (7.x to 8.x)
- 2 days supporting the SOC team with configuration tuning and optimization
- Perform an upgrade of the customer’s on-prem Splunk Enterprise Security 7.x environment to the latest 8.x release
- Conduct over-the-shoulder guidance (no hands-on keyboard) for the SOC team during and after the upgrade
- Provide configuration tuning, correlation search optimization, content review, and performance improvements
- Offer advisory support across Splunk Enterprise, Enterprise Security, SOAR, and UBA as needed
- Deliver clear documentation and recommendations for ongoing health, performance, and operational maturity
- Serve as an on-call SME throughout the year for up to 20 hours annually
- Maintain strong communication with customer stakeholders to ensure high-quality service delivery
- Provide flexible scheduling coordination with the customer (adequate lead time always provided)
Qualifications
- Proven experience as a Splunk SME supporting on-prem Splunk Enterprise, Enterprise Security, SOAR, and UBA
- Hands-on experience performing Splunk Enterprise Security upgrades in production environments
- Strong background in tuning, correlation development, dashboards, datamodel optimization, and content validation
- Ability to provide expert-level guidance in an over-the-shoulder consulting format
- Excellent verbal communication skills and the ability to guide SOC personnel through technical decision making
- Experience supporting federal customers or regulated environments preferred
- Willingness to support up to 20 hours of ad-hoc consulting work per year depending on customer need
Requirements
- Splunk Enterprise Certified Admin or Splunk Enterprise Certified Architect is required
- Additional Splunk ES, SOAR, or UBA certifications preferred
- Bachelor’s degree or 6+ years of relevant experience in lieu of a degree
Clearance Requirements
- No clearance required
- Consultant must be eligible to work on a 1099 in the United States
Other Duties
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.
Job Type
- Part Time