Splunk Engineer

About The Position

Requirements

• 10+ years of related experience
• DoD 8140 or DoD 8570 Certification
• Proven experience in Splunk configuration, administration, and optimization
• Strong understanding of data ingestion, search queries, indexing, and reporting in Splunk
• Proficiency in Splunk SPL for querying and analyzing machine data
• Experience in setting up and managing Splunk enterprise-wide alerts, reports, and dashboards
• Knowledge of security monitoring, SIEM integration, and log management best practices
• Ability to analyze and troubleshoot Splunk performance issues and security incidents
• Familiarity with scripting languages (e.g., Python, Bash) for automating Splunk-related tasks
• A current/active TS/SCI clearance is required
• US citizenship required due to the TS/SCI clearance requirement

Nice To Haves

• Splunk Certified Power User or Splunk Certified Admin
• ITIL 4 Foundation Certification
• Experience working with large-scale environments (5,000+ users, 1,000+ servers)
• Familiarity with SIEM, PKI, or other security-related technologies
• Experience with cloud-based Splunk implementations (e.g., Splunk Cloud)
• Prior experience working in cross-functional IT teams and supporting security operations

Responsibilities

• Design, implement, and maintain Splunk Enterprise infrastructure, including deployment, configuration, and performance tuning.
• Collect, index, and monitor machine data across a large-scale environment, ensuring high availability and security.
• Develop and configure Splunk dashboards, alerts, and reports to support operational, security, and performance monitoring.
• Develop and optimize SPL (Search Processing Language) queries to analyze logs and provide valuable insights.
• Collaborate with security and operations teams to create use cases, improve data ingestion, and enhance event correlation.
• Troubleshoot and resolve performance, security, and scalability issues within Splunk environments.
• Integrate third-party systems and data sources with Splunk to enhance the visibility of network traffic and security incidents.
• Provide technical support and training to junior administrators and other staff members to optimize the usage of Splunk.
• Monitor and report on the health of Splunk infrastructure, ensuring it is operating within defined SLAs.
• Perform regular updates and maintenance on Splunk instances, including upgrading to the latest releases.
• Provide incident response analysis and participate in the development of security-related queries and monitoring rules.
• Document processes, configurations, and best practices for future reference

Benefits

• Variety of medical plan options, some with Health Savings Accounts
• Dental plan options
• Vision plan
• 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match
• Full flex work weeks where possible
• Variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave
• Short and long-term disability benefits
• Life insurance
• Accidental death and dismemberment insurance
• Personal accident insurance
• Critical illness insurance
• Business travel and accident insurance
• AI-powered career tool that identifies career steps and learning opportunities
• An internal mobility team focused on helping you achieve your career goals
• Competitive pay
• Award-winning culture of innovation and a military-friendly workplace