The Enterprise Information Security (EIS) team is responsible for cybersecurity across our organization. We support our business and members by reducing risk, rapidly responding to threats, focusing on business resiliency and securing new acquisitions. UHG operates one of the largest and most complex Splunk environments in the world — supporting a massive user base, 10,000+ applications, and data ingestion volumes exceeding hundreds of TB/day across on-premises, cloud (AWS, Azure, GCP), and hybrid infrastructures. Our mission is to ensure this platform is not only operational and performant, but intelligently governed — delivering security intelligence that is trustworthy, searchable, and actionable at enterprise scale. The Splunk Knowledge Manager is a critical, specialized role responsible for the governance, lifecycle management, and strategic oversight of all Splunk knowledge objects across the enterprise SIEM. This individual serves as the authoritative custodian of how data is classified, normalized, searched, and consumed — bridging platform engineering, detection engineering, and SOC operations. In a deployment of this scale, ungoverned knowledge objects directly drive alert fatigue, missed detections, redundant content, and degraded platform performance; this role exists to prevent that entropy and ensure the SIEM delivers high-fidelity security outcomes. You’ll enjoy the flexibility to work remotely from anywhere within the U.S. as you take on some tough challenges. For all hires in the Minneapolis or Washington, D.C. area, you will be required to work in the office a minimum of four days per week.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Job Type
Full-time
Career Level
Principal