Splunk Engineer

About The Position

Requirements

• 7+ years of IT experience, including at least 3 years in cybersecurity (or equivalent experience based on degree level).
• 5+ years of hands-on Splunk experience, including data onboarding, optimization, and dashboard creation.
• Strong understanding of logging, monitoring, and alerting practices in large-scale enterprise or federal environments (500+ servers).
• Familiarity with M-21-31, Zero Trust, and related NIST or Executive Order 14028 compliance requirements.
• Experience integrating Splunk with vulnerability management, authentication, and cloud service logs.
• Knowledge of common infrastructure and application logging sources such as Windows Event Logs, Sysmon, Linux syslogs, AWS CloudTrail, and container logs.
• Demonstrated ability to work cross-functionally with technical and non-technical teams.
• Excellent communication, documentation, and presentation skills.

Nice To Haves

• Bachelor's degree in a technical field (e.g., Computer Science, Information Technology, Cybersecurity, or related field)
• Experience in federal cybersecurity environments or supporting agency compliance programs.
• Familiarity with log source prioritization frameworks and data governance practices.
• Experience with cloud-native logging tools (e.g., AWS CloudWatch, Azure Monitor, GCP Logging).
• Security or logging-related certifications (e.g., Splunk Core Certified Power User, Splunk Enterprise Certified Admin, CISSP, CEH).

Responsibilities

• Lead and support enterprise efforts to achieve M-21-31 compliance through effective log collection, retention, and monitoring strategies.
• Work with system, application, and network teams to identify and onboard required log sources across various infrastructure types.
• Design, develop, and maintain Splunk dashboards, searches, and alerts that demonstrate compliance and improve operational awareness.
• Optimize Splunk data ingestion, ensuring log taxonomy, timestamp normalization, and data quality meet compliance and visibility needs.
• Provide strategic guidance on log architecture and security monitoring approaches that align with agency cybersecurity policies.
• Analyze existing systems and recommend improvements to log coverage, storage efficiency, and retention consistency.
• Develop documentation, runbooks, and training materials to support sustainable logging practices and knowledge sharing.
• Partner with compliance and program management teams to respond to audit requests and reporting requirements.