Splunk Architect Lead

Agile Defense, Reston, VA (Hybrid)

About The Position

Agile Defense is seeking a Splunk Architect/Lead to support enterprise cybersecurity programs delivering 24/7/365 Cyber Security Operations Center (CSOC) services for USG customers. The Splunk Lead will provide expert technical leadership for enterprise-scale logging, monitoring, SIEM engineering, and custom log integration. This role is responsible for ensuring the reliability, performance, and modernization of the enterprise logging ecosystem across on-premises, cloud, and hybrid environments.

Requirements

  • Active Certified Splunk Architect (II)
  • Bachelor’s degree in Computer Science, Engineering, Cybersecurity, STEM, or a related field.
  • An understanding of and practical experience in applying project management principles; experience with diverse interconnected systems; a strong understanding of industry best practices and technologies, with experience applying them in support of a large Federal Government security operations organization.
  • Experience in an enterprise IT environment as an applications or systems administrator working in Windows and Linux environments.
  • Experience with bash, Python and/or PowerShell scripting and automation; strong networking background; strong security background; experience with cloud orchestration tools and a strong understanding of Amazon Web Services cloud services.
  • At least the last 5 years of experience serving as a senior Certified Splunk Administrator or Architect in a large environment.

Nice To Haves

  • Splunk Certified Admin/Engineer
  • Splunk Core Certified Consultant
  • Active Certified Information System Security Professional (CISSP)
  • Cloud provider certifications (AWS Certified Solutions Architect, Azure Solutions Architect Expert, etc.)
  • Experience using Cribl

Responsibilities

  • Lead the design, engineering, configuration, and optimization of enterprise logging platforms supporting CSOC operations.
  • Act as the primary technical authority for SIEM architecture, log ingestion pipelines, parsing, normalization, enrichment, and storage strategies.
  • Manage onboarding of new data sources across applications, endpoints, networks, cloud environments, and identity systems.
  • Ensure log health monitoring, cluster health, pipeline resiliency, and integrity validation for continuous reliability.
  • Enable dashboard creation, correlation rules, and alerting by guaranteeing high-quality, normalized data.
  • Maintain compliance with logging standards, federal mandates, and Zero Trust visibility requirements.
  • Drive modernization initiatives, including automation, cloud logging integrations, and data optimization.
  • Produce technical documentation, including architecture diagrams, data dictionaries, and detailed reports.
  • Support vulnerability assessments, compliance audits, and cross-team engineering reviews.