Splunk Engineer

Steampunk is looking for an SplunkEngineerto join the Office of the CIO.

As a Splunk Engineer at Steampunk you will play a key role in advancing enterprise logging and compliance initiatives across federal environments. Your primary focus will be supporting agency efforts to meet the logging retention and reporting requirements outlined in OMB Memorandum M-21-31. You will collaborate with system owners application teams and security stakeholders to identify required log sources implement data collection strategies and build visibility through Splunk dashboards and will help drive the technical strategy for ensuring comprehensive log coverage across diverse environments (cloud on-premises and hybrid) aligning Splunk implementations with evolving cybersecurity compliance expectations.

Responsibilities

• Lead and support enterprise efforts to achieveM-21-31 compliancethrough effective log collection retention and monitoring strategies.
• Work with system application and network teams toidentify and onboard required log sourcesacross various infrastructure types.
• Design develop and maintainSplunk dashboards searches and alertsthat demonstrate compliance and improve operational awareness.
• OptimizeSplunk data ingestion ensuring log taxonomy timestamp normalization and data quality meet compliance and visibility needs.
• Provide strategic guidance onlog architecture and security monitoring approachesthat align with agency cybersecurity policies.
• Analyze existing systems and recommend improvements to log coverage storage efficiency and retention consistency.
• Develop documentation runbooks and training materials to support sustainable logging practices and knowledge sharing.
• Partner with compliance and program management teams to respond to audit requests and reporting requirements.

Required Qualifications:

• 7 years of IT experience including at least 3 years in cybersecurity (or equivalent experience based on degree level).
• 5 years of hands-on Splunk experience including data onboarding optimization and dashboard creation.
• Strong understanding oflogging monitoring and alerting practicesin large-scale enterprise or federal environments (500 servers).
• Familiarity withM-21-31Zero Trust and related NIST or Executive Order 14028 compliance requirements.
• Experience integrating Splunk with vulnerability management authentication and cloud service logs.
• Knowledge of common infrastructure and application logging sources such as Windows Event Logs Sysmon Linux syslogs AWS CloudTrail and container logs.
• Demonstrated ability to work cross-functionally with technical and non-technical teams.
• Excellent communication documentation and presentation skills.

Preferred:

• Bachelors degree in a technical field (e.g. Computer Science Information Technology Cybersecurity or related field)
• Experience infederal cybersecurity environmentsor supporting agency compliance programs.
• Familiarity withlog source prioritization frameworksanddata governance practices.
• Experience withcloud-native logging tools(e.g. AWS CloudWatch Azure Monitor GCP Logging).
• Security or logging-related certifications (e.g. Splunk Core Certified Power User Splunk Enterprise Certified Admin CISSP CEH).

Identity Statement

As part of the application process you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.

Steampunk is a Change Agent in the Federal contracting industry bringing new thinking to clients in the Homeland Federal Civilian Health and DoD sectors. Through our Human-Centered delivery methodology we are fundamentally changing the expectations our Federal clients have for true shared accountability in solving their toughest mission challenges. As an employee owned company we focus on investing in our employees to enable them to do the greatest work of their careers and rewarding them for outstanding contributions to our growth. If you want to learn more about our story visit .