Data Platform Engineer

About This Role

The Data Platform Engineer administers and supports security data platforms like Splunk and security data lakes, ensuring stable data flows and platform operations. This role is crucial for maintaining resilient and scalable security analytics capabilities for monitoring, incident response, threat analysis, and compliance.

Responsibilities

• Administer and maintain enterprise security data platforms to ensure availability, performance, and reliability.
• Support event ingestion onboarding and sustainment using multiple methods (e.g., syslog, DBX, and Splunk Technical Add-ons (TAs)).
• Install, upgrade, patch, and troubleshoot Enterprise Log Manager (ELM) and Security Information and Event Management (SIEM) components and supporting infrastructure.
• Support Splunk platform capabilities and apps as applicable (e.g., Splunk Enterprise Security (ES), User Behavior Analytics (UBA), and Splunk Core/Enterprise).
• Configure, tune, and maintain parsing and normalization so data aligns to the Splunk Common Information Model (CIM).
• Create and maintain custom TAs to standardize data onboarding and improve analytics outcomes.
• Perform routine monitoring, health checks, and maintenance; troubleshoot ingestion, parsing, and platform issues.
• Partner with security operations and engineering teams to optimize telemetry for detection, response, and operational/compliance reporting.
• Produce and maintain runbooks, SOPs, and technical documentation; contribute to continuous process improvement.

Requirements

• Legally authorized to work in the United States without employer sponsorship.
• Ability to obtain Public Trust clearance.
• 4+ years of experience supporting enterprise data platforms.
• 4+ years of hands-on experience installing, updating, and maintaining ELM/SIEM solutions and supporting technologies (e.g., Splunk, Cribl, Red Hat, VMware).
• Demonstrated experience configuring and maintaining event ingestion methods (e.g., syslog, DBX, TA software).
• Proven ability to create and maintain custom TAs to parse data into Splunk CIM format.
• Experience troubleshooting, monitoring, and performing routine maintenance of data systems.

Qualifications

• Bachelor's degree or equivalent relevant work experience.
• 4+ years of experience supporting enterprise data platforms and hands-on experience installing, updating, and maintaining ELM/SIEM solutions and supporting technologies.

Skills

* Required skills