Data Platform Engineer

About This Role

The Data Platform Engineer is responsible for hands-on administration and support of security data platforms like Splunk and security data lakes. This role ensures stable data flows, integration, and platform operations for resilient and scalable security analytics capabilities.

Responsibilities

• Administer and maintain enterprise security data platforms to ensure availability, performance, and reliability.
• Support event ingestion onboarding and sustainment using multiple methods (e.g., syslog, DBX, and Splunk Technical Add-ons (TAs)).
• Install, upgrade, patch, and troubleshoot Enterprise Log Manager (ELM) and Security Information and Event Management (SIEM) components and supporting infrastructure.
• Support Splunk platform capabilities and apps as applicable (e.g., Splunk Enterprise Security (ES), User Behavior Analytics (UBA), and Splunk Core/Enterprise).
• Configure, tune, and maintain parsing and normalization so data aligns to the Splunk Common Information Model (CIM).
• Create and maintain custom TAs to standardize data onboarding and improve analytics outcomes.
• Perform routine monitoring, health checks, and maintenance; troubleshoot ingestion, parsing, and platform issues.
• Partner with security operations and engineering teams to optimize telemetry for detection, response, and operational/compliance reporting.
• Produce and maintain runbooks, SOPs, and technical documentation; contribute to continuous process improvement.

Requirements

• Bachelor's degree or equivalent relevant work experience.
• Ability to obtain Public Trust clearance.
• Must be legally authorized to work in the United States without employer sponsorship.
• 4+ years of experience supporting enterprise data platforms.
• 4+ years of hands-on experience installing, updating, and maintaining ELM/SIEM solutions and supporting technologies, including Splunk (ES, UBA, Core/Enterprise), Cribl (or comparable data pipeline tooling), Red Hat (or similar Linux OS), and VMware environments.
• Demonstrated experience configuring and maintaining event ingestion methods (e.g., syslog, DBX, TA software).
• Proven ability to create and maintain custom TAs to parse data into Splunk CIM format.
• Experience troubleshooting, monitoring, and performing routine maintenance of data systems.

Qualifications

• Bachelor's degree or equivalent relevant work experience.
• 4+ years of experience supporting enterprise data platforms and 4+ years of hands-on experience installing, updating, and maintaining ELM/SIEM solutions.

Skills

* Required skills