True Zero Technologies
  • New York, NY, USA
  • Salary
  • Full Time

full benefits package

 True Zero Technologies is seeking a Splunk Engineer to join their team.

Required Skills:

  • Splunk Admin/Power User certification (Architect certified preferred)
  • Experience designing and implementing ground-up distributed Splunk installations including all Splunk server roles (Search Head, Indexers, Heavy Forwarders and Universal Forwarders, etc.)
  • Experience with advanced configuration of Splunk including Indexer Clustering and Search Head Clustering.
  • Experience maintaining and administering enterprise Splunk implementations.
  • Experience developing custom Splunk content including scheduled searches, reports, dashboards, etc.
  • Proficient at data on-boarding activities, including custom parsing rules and building custom Technology Add-Ons according to Splunk's Common Information Model (CIM).
  • Experience configuring indexes, index routing, retention policies, etc.
  • Experience working in Linux and Windows environments, with the ability to configure:
    • Storage subsystems (i.e. partitioning, Volume Groups, Logical Volumes, etc.)
    • SELinux
    • Familiarity with different flavors of Linux distros (RedHat, CentOS, Ubuntu, etc.)
    • File Permission Settings (Linux/Windows)
  • Excellent written and oral skills, ability to work closely with multiple customers, manage expectations, and track engagement scope.


Ideal Skills:

  • Splunk Certified Field Readiness Training (CFRT, previously known as SCCII)
  • Splunk Architect II certification
  • Splunk Enterprise Security Implementation certification (Level 1 or 2)
  • Splunk IT Service Intelligence certification
  • Understanding of Syslog daemon configuration principles, ideally in Syslog-NG and RSyslog configurations.
  • Cloud experience (AWS, Azure, etc.)
  • Development and API experience (Python, Perl, XML)
  • SaltStack, Ansible, and other enterprise automation tool experience.
  • Hardware experience and storage experience (SAN, NAS, etc.)



The candidate will be part of a team of Splunk Engineers maintaining a purpose-built Splunk instance with a heavy emphasis on content development, reporting, and visualizations. The team will manage all day-to-day administration of the Splunk environment, work with components to on-board new data sources, and apply custom Data Model configurations to the data for reporting requirements and standardization.

As a TZT consultant, the candidate will receive access to the full knowledge base which is driven by the TZT community as well as the technical backing of the entire PS team.  TZT encourages collaboration and growth through information sharing and knowledge workshops.  The candidate will also have access to our internal Slack channel to stay connected with the team as well as the necessary tools to train, demo, test and grow their professional skills.


U.S. Citizenship is required as this is in support of a Federal Customer.
