Splunk Engineer

Steampunk, Washington, DC

About The Position

Steampunk is looking for a Splunk Engineer to join the Office of the CIO. As a Splunk Engineer at Steampunk, you will play a key role in advancing enterprise logging and compliance initiatives across federal environments. Your primary focus will be supporting agency efforts to meet the logging, retention, and reporting requirements outlined in OMB Memorandum M-21-31. You will collaborate with system owners, application teams, and security stakeholders to identify required log sources, implement data collection strategies, and build visibility through Splunk dashboards and analytics. You will help drive the technical strategy for ensuring comprehensive log coverage across diverse environments (cloud, on-premises, and hybrid), aligning Splunk implementations with evolving cybersecurity compliance expectations.

Requirements

  • 7+ years of IT experience, including at least 3 years in cybersecurity (or equivalent experience based on degree level).
  • 5+ years of hands-on Splunk experience, including data onboarding, optimization, and dashboard creation.
  • Strong understanding of logging, monitoring, and alerting practices in large-scale enterprise or federal environments (500+ servers).
  • Familiarity with M-21-31, Zero Trust, and related NIST or Executive Order 14028 compliance requirements.
  • Experience integrating Splunk with vulnerability management, authentication, and cloud service logs.
  • Knowledge of common infrastructure and application logging sources such as Windows Event Logs, Sysmon, Linux syslog, AWS CloudTrail, and container logs.
  • Demonstrated ability to work cross-functionally with technical and non-technical teams.
  • Excellent communication, documentation, and presentation skills.

Nice To Haves

  • Bachelor's degree in a technical field (e.g., Computer Science, Information Technology, Cybersecurity, or a related field).
  • Experience in federal cybersecurity environments or supporting agency compliance programs.
  • Familiarity with log source prioritization frameworks and data governance practices.
  • Experience with cloud-native logging tools (e.g., AWS CloudWatch, Azure Monitor, GCP Logging).
  • Security or logging-related certifications (e.g., Splunk Core Certified Power User, Splunk Enterprise Certified Admin, CISSP, CEH).

Responsibilities

  • Lead and support enterprise efforts to achieve M-21-31 compliance through effective log collection, retention, and monitoring strategies.
  • Work with system, application, and network teams to identify and onboard required log sources across various infrastructure types.
  • Design, develop, and maintain Splunk dashboards, searches, and alerts that demonstrate compliance and improve operational awareness.
  • Optimize Splunk data ingestion, ensuring log taxonomy, timestamp normalization, and data quality meet compliance and visibility needs.
  • Provide strategic guidance on log architecture and security monitoring approaches that align with agency cybersecurity policies.
  • Analyze existing systems and recommend improvements to log coverage, storage efficiency, and retention consistency.
  • Develop documentation, runbooks, and training materials to support sustainable logging practices and knowledge sharing.
  • Partner with compliance and program management teams to respond to audit requests and reporting requirements.