Sr. Splunk Engineer I (6382)

MetroStar•Washington, DC

About The Position

As a Sr. Splunk Engineer I, you’ll deliver Splunk data engineering and platform operations for continuous monitoring and analysis with the goal to make an impact across the federal government. Our team is responsible for operating and evolving mission-critical SIEM and monitoring platforms, and you’ll ensure reliable, secure, and scalable Splunk capabilities that directly support mission operations and decision-making from day one. We know that you can’t have great technology services without amazing people. At MetroStar, we are obsessed with our people and have led a two-decade legacy of building the best and brightest teams. Because we know our future relies on our deep understanding and relentless focus on our people, we live by our mission: A passion for our people. Value for our customers. If you think you can see yourself delivering our mission and pursuing our goals with us, then check out the job description below!

Requirements

Active Top Secret security clearance with SCI eligibility required.
Required technical certifications include Splunk Enterprise Certified Administrator or equivalent demonstrated administrative capability and Security+
Possess DoD 8140 certification aligned to the 521 Cyber Defense Infrastructure Support Specialist work role, such as Security+, SSCP, CySA+, PenTest+, CASP+, GCIH, CISSP, or GSLC.
5+ years of experience in data management or systems administration, including at least 3 years of hands-on experience in an enterprise Splunk environment.
Demonstrated experience designing, deploying, and managing on-prem enterprise Splunk services integrated with systems and networks.
Hands-on experience performing data onboarding, including log ingestion, parsing, normalization, and index management.
Proven ability to build and maintain Splunk dashboards, searches, and reports to support operational and security use cases.
Operational experience managing Splunk infrastructure, including forwarders, indexers, search heads, and performance tuning.
Bachelor’s degree in a technical field is preferred. Relevant experience may substitute for education requirements.
Ability to contribute immediately with minimal ramp-up in a mission-critical operational environment

Responsibilities

Design and manage Splunk data ingestion pipelines and dashboards supporting mission-critical use cases.
Operate and maintain Splunk Enterprise in a secure, high-availability environment.
Support security monitoring, detection, and incident response operations.
Participate actively in Agile execution and team delivery cadence.
Optimize data pipelines, performance, and data quality across the platform.
Communicate technical insights, risks, and issues clearly to both technical and non-technical stakeholders.
Establish and maintain a high level of customer trust and confidence through technical excellence and reliable delivery.
Apply creativity and sound engineering judgment to deliver innovative solutions aligned to customer needs.