Splunk SME

TEKsystems
Seal Beach, CA
$185,000 - $230,000
Onsite

About The Position

As a Cybersecurity Engineer / Splunk SME, this candidate is stepping into a mission‑critical, high‑impact role supporting a major federal customer. The engineer directly safeguards national‑level infrastructure by designing and maintaining the Splunk SIEM ecosystem that protects sensitive federal systems and high‑value assets. This role is a cornerstone in ensuring cyber readiness, resilience, and uninterrupted mission operations.

The environment includes advanced Splunk clusters, indexers, search heads, and enterprise ingestion pipelines — the kind of system complexity that appeals to senior engineers seeking impactful technical challenges. This is not “keeping the lights on.” It’s architecting the backbone of the customer’s security intelligence.

As a highly‑senior SME (10–20+ years), the candidate becomes the technical authority for all Splunk‑related decisions, designs, and escalations. They directly influence strategy, architecture, and cybersecurity posture at the enterprise level. The role requires IAT‑III, placing the engineer among the highest‑certified cyber professionals in the DoD/IC ecosystem — a career‑defining differentiator. The environment and responsibilities align with top‑tier federal cyber career paths.

Requirements

  • MUST HAVE TS/SCI
  • Minimum 10 years cybersecurity/SIEM engineering experience. Extensive background with Splunk Enterprise: ES, ITSI, UBA, searches, dashboarding, tuning
  • Deep knowledge of: Security operations, Incident response, Log parsing and normalization, Role‑based access control, High‑availability Splunk design
  • Must have IAT‑III certification.

Nice To Haves

  • Experience supporting DoD or other cleared federal environments.
  • Background integrating Splunk with: Cloud platforms, Security automation, External intelligence feeds
  • Ideally 15–20+ years of cybersecurity/Splunk engineering experience.

Responsibilities

  • Architect, Implement & Maintain Splunk Environments: Design, implement, and maintain enterprise Splunk infrastructures. Manage Splunk: Clusters, Indexers, Search heads, Forwarders, Data ingestion pipelines. Ensure Splunk architecture meets performance, scalability, and high‑availability requirements.
  • Security Engineering & Compliance: Ensure Splunk configuration and handling of log data comply with: Organizational standards, Industry regulation, DoD security requirements, Role‑based access control (RBAC). Implement advanced Splunk security controls and hardening best practices.
  • Monitoring & Troubleshooting: Continuously monitor the health of the Splunk environment. Identify and resolve: Performance issues, Indexing backlogs, Search performance bottlenecks, System availability risk.
  • SME‑Level Leadership: Serve as the senior cybersecurity/Splunk authority for the program. Mentor teams, guide Splunk best practices, and support engineering escalations. Interact with senior leadership and cross‑functional teams to align Splunk strategy with organizational cyber goals.

Benefits

  • Medical (Rx)
  • Dental
  • Vision
  • FSAs
  • Life/AD&D
  • Disability
  • Long‑Term Care
  • 401(k) with company match
  • Profit Sharing
  • Deferred Comp
  • Financial Planning
  • Paid Time Off (PTO)
  • Tuition Reimbursement
  • Professional Development