DirectClient: Texas Comptroller of Public Accounts(CPA)
Solicitation#304135869
Title: Splunk Architect
Location: 111 E 17th Street Austin, Texas 78711
Duration: Until 8/31/2023 with possible extension to /8/31/2025
Last date for submission: July 24, 2022 (2.00 PM-CST)
Important Note: Weekly in office attendance is being required but most work will be performed remotely.. The selected contractor(s) will be required to come in person to the LBJ Building to obtain CPA equipment, badge and initial assignments.
DESCRIPTION OF SERVICES:
The Candidate will be responsible for architecting the Splunk Cloud Platform. This role includes on-premises to cloud migration and onboarding additional data as requested from stakeholders. The Candidate must have strong hands-on experience with Splunk administration; with the ability to set up servers/forwarders to capture endpoint and network logs. This person will work closely with the cybersecurity team to improve the overall Splunk security posture for agency use. The primary goal of the Candidate will be to deliver a well-designed, documented, and tested enterprise Splunk solution that meets retention requirements, customer availability and usability, without loss of current functionality.
CANDIDATE SKILLS AND QUALIFICATIONS
Minimum Requirements:
Years Required/Preferred Experience
7 Required Experience with Network, Linux and Windows technologies related to the Splunk Platform
5 Required Experience with Splunk Administration
5 Required Experience designing and implementing network security logs.
5 Required Experience creating Alerts, Dashboards and reports in Splunk Tool.
5 Required Experience with highly complex application security requirements
5 Required Experience configuring servers and forwarders to capture endpoint and network logs.
5 Required Experience completing system documentation
5 Required Experience with Splunk integrations to Kubernetes, AWS, Azure and/or Okta.
3 Required Experience with coaching, mentoring and knowledge transfer to security analysts and other personnel as required
1 Required Splunk Cloud Admin Certification
5 Preferred Experience working with enterprise software solutions
5 Preferred Experience working with legacy applications/services and designing modernization solutions to work efficiently and securely.
5 Preferred Experience in languages: Phyton, JavaScript, Bash and Linux
2 Preferred Public sector experience (Federal, State or Local Government)
2 Preferred Experience with ServiceNow
2 Preferred Proficient with the Microsoft Office products, including Outlook, TEAMS, Microsoft Project, Word, Visio, Excel and PowerPoint
1 Preferred Splunk Enterprise Admin/Architect Certification
1 Preferred Splunk Core Consultant Certification