Splunk Engineer (Enterprise Level)

About The Position

Requirements

• U.S. Citizen
• Active Secret clearance or ability to obtain a Secret clearance.
• IAT Level II certification or higher per DoD 8570/8140 (e.g., CompTIA Security+ CE, CCNA Security, GICSP, GSEC, SSCP).
• Seven (7+) years of IT experience.
• Five (5+) years of hands‑on Splunk Enterprise implementation, administration, and operational support.
• Experience developing, implementing, and supporting enterprise‑scale Splunk environments.
• Experience with Linux administration.
• Experience with scripting languages such as Python, PowerShell, or Bash.
• Experience with log forwarding, parsing, and data normalization.
• Experience with Splunk ES (Enterprise Security) and/or SOAR.
• Ability to apply data‑normalization practices to meet mission‑specific logging requirements.
• Ability to work across multiple data types, sources, and ingestion methods.

Nice To Haves

• BA/BS degree in Computer Science, Information Systems, or a related field with a comprehensive understanding of computer science concepts.
• Experience supporting Army or DoD environments within classified and unclassified environments.
• Experience supporting virtualized or hyperconverged infrastructure (e.g., Nutanix, KVM).
• Exposure to hybrid‑cloud or cloud‑migration initiatives.
• Familiarity with: ACAS HBSS or successor endpoint security tools STIG compliance processes Zero Trust concepts and logging requirements
• Experience supporting Continuous Monitoring or ATO‑related activities.
• Experience integrating Splunk with ServiceNow or other ITSM platforms.
• Experience supporting DoD or Federal cybersecurity operations.
• Experience providing quality service and support for mission-critical systems and VIP end users.
• Excellent communication skills (written and oral) and interpersonal skills.
• Superior organizational skills, attention to detail, and ability to prioritize and manage multiple tasks.

Responsibilities

• Support the design, implementation, and sustainment of Splunk Enterprise and/or Splunk ES environments.
• Configure and maintain distributed Splunk components, including search heads, indexers, and forwarders.
• Ensure secure, compliant log ingestion across NIPR, SIPR, and research networks in coordination with cybersecurity and network teams.
• Integrate Splunk capabilities into enterprise monitoring, ServiceNow, endpoint management platforms, network monitoring tools, and other enterprise systems.
• Administer Splunk environments in alignment with DoD, Army, and RMF cybersecurity standards.
• Perform performance tuning, storage optimization, and capacity monitoring to maintain system reliability and availability.
• Support lifecycle activities such as upgrades, patching, and configuration management.
• Configure data ingestion, normalization, and parsing to meet mission‑critical logging and compliance requirements.
• Develop and maintain dashboards, reports, alerts, and automated workflows supporting vulnerability tracking, STIG compliance, ACAS reporting, POA&M management, and operational reporting.
• Support logging and analytics requirements for Zero Trust and broader modernization initiatives.
• Contribute to Continuous Monitoring and ATO‑related initiatives.
• Assist with audit preparation, log validation, and incident analysis.
• Provide metrics, reporting, and insights for monthly status and operational requirements.
• Communicate technical information clearly to both technical and non‑technical stakeholders.
• Collaborate with cybersecurity, infrastructure, network, and platform teams to ensure cohesive logging and monitoring support.

Benefits

• paid holidays
• paid time off
• medical
• dental
• vision
• company-paid long and short-term disability
• life insurance
• referral bonuses
• relocation incentive program
• certification reimbursement program
• retirement