True Zero Technologies
  • DC, USA
  • Full Time

full benefits package

 True Zero Technologies is seeking a Splunk Engineer to join their team.

Required Skills:

  • Splunk Admin/Power User certification (Architect certified preferred)
  • Experience designing and implementing ground-up distributed Splunk installations including all Splunk server roles (Search Head, Indexers, Heavy Forwarders and Universal Forwarders, etc.)
  • Experience with advanced configuration of Splunk including Indexer Clustering and Search Head Clustering.
  • Experience maintaining and administering enterprise Splunk implementations.
  • Experience developing custom Splunk content including scheduled searches, reports, dashboards, etc.
  • Proficient at data on-boarding activities including custom parsing rules and custom Technology Add-On building according to Splunk's Common Information Model (CIM).
  • Experience configuring indexes, index routing, retention policies, etc.
  • Experience working in Linux and Windows environments, ability to configure:
    • Storage subsystems (i.e., partitioning, Volume Groups, Logical Volumes, etc.)
    • SELinux
    • Familiarity with different flavors of Linux distros (RedHat, CentOS, Ubuntu, etc.)
    • File Permission Settings (Linux/Windows)
  • Excellent written and oral skills, ability to work closely with multiple customers, manage expectations, and track engagement scope.


Ideal Skills:

  • Splunk Certified Field Readiness Training (CFRT, previously known as SCCII)
  • Splunk Architect II certification
  • Splunk Enterprise Security Implementation certification (Level 1 or 2)
  • Splunk IT Service Intelligence certification
  • Understanding of Syslog daemon configuration principles, ideally in Syslog-NG and RSyslog configurations.
  • Cloud experience (AWS, Azure, etc.)
  • Development and API experience (Python, Perl, XML)
  • SaltStack, Ansible, and other enterprise automation tool experience.
  • Hardware experience and storage experience (SAN, NAS, etc.)



The candidate will support the customer with ground-up installation and maintenance of a large Splunk implementation (6TB).  This will include the installation and configuration of Splunk Enterprise according to Splunk best practices.  The client will require assistance in developing Splunk content to support their use cases, which will involve report/dashboard development, custom alerting, and third-party tool integration.  The candidate will also be involved in planning and requirements gathering discussions with the client and will need to possess excellent written and verbal communication skills.  The candidate will be required to document system design, capacity planning guides, status reports, and standard operating procedures.

As a TZT consultant, the candidate will receive access to the full knowledge base which is driven by the TZT community as well as the technical backing of the entire PS team.  TZT encourages collaboration and growth through information sharing and knowledge workshops.  The candidate will also have access to our internal Slack channel to stay connected with the team as well as the necessary tools to train, demo, test and grow their professional skills.


Type of experience required for the job:

U.S. Citizenship is required as this is in support of a Federal Customer.  Splunk engineer with experience managing and configuring Splunk environments, performing data on-boarding, developing custom content on the Splunk platform, applying troubleshooting methodologies, and the ability to walk customers through the requirements gathering phase and develop appropriate system designs.
