Splunk Engineer

Ashburn is seeking a Senior Splunk Engineer to support a federal cybersecurity architecture opportunity. This Key Personnel role will support enterprise SIEM operations Splunk architecture data ingestion dashboards alerting analytics secure configuration and performance optimization in a complex Government environment for a proposal opportunity.

Primary Responsibilities

• Architect deploy operate and maintain enterprise Splunk infrastructure.
• Support SIEM data ingestion indexing normalization dashboarding alerting and operational reporting.
• Develop dashboards and visualizations for security operations and mission stakeholders.
• Manage Splunk configurations search/index clusters data models alerts reports saved searches and knowledge objects.
• Support account/access management server management monitoring patching Splunk version upgrades and app/add-on maintenance.
• Improve log source coverage and quality across enterprise systems and applications.
• Use scripting and automation to improve SIEM operations and support security analytics.
• Support federal cybersecurity standards secure configuration and audit-ready documentation.

Qualifications :

Required Qualifications

• Candidates must be U.S. citizens.
• Candidates must be willing and able to work as Ashburn W-2 employees. 1099 and corp-to-corp arrangements are not permitted for these roles.
• DHS EOD / suitability is required.
• 10 years of experience designing implementing and maintaining Splunk architecture across diverse Government or similarly complex enterprise environments.
• Experience supporting Splunk across Windows Linux Solaris and macOS environments.
• Hands-on expertise with core Splunk components: Indexer Search Head Deployer Deployment Server License Master Heavy Forwarder Universal Forwarder.
• Experience with Splunk authentication methods such as LDAP and SAML.
• Experience managing Splunk indexer and search clusters.
• Experience configuring Splunk through configuration files and implementing policies procedures and standards for secure and efficient Splunk operations.
• Advanced ability to use Splunk to extract transform analyze and visualize data for actionable security and operational insights.
• Experience developing advanced Splunk queries dashboards reports alerts and data models.
• Experience conducting application performance and capacity analysis.
• Advanced scripting experience using Shell Python JavaScript XML CSS or equivalent tools.
• Experience configuring data collection applications such as Splunk DB Connect and the Splunk App for AWS.
• Experience deploying or supporting Splunk Cloud services on AWS.

Preferred / Strongly Desired Qualifications

• Prior DHS DOD / DOW or federal civilian cybersecurity program experience.
• Experience supporting large multi-datacenter Splunk clusters.
• Experience improving log coverage log quality data source onboarding dashboards anomaly detection and security analytics.
• Splunk certifications strongly preferred.
• Experience working in DevSecOps cybersecurity operations or enterprise security architecture environments.

Additional Information :

PHYSICAL REQUIREMENTS:
Work is equally performed in the field as well as in a normal office environment. Lifting (up to 50lbs) may be required. Ladder climbing may be required. Driving is required. All duties performed with or without reasonable accommodations.

Additional Information

Equal Opportunity Employer/Veterans/Disabled. An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race color religion sex sexual orientation gender identity national origin or protected veteran status

Ashburn Consulting is an Equal Opportunity Affirmative Action Employer.
In compliance with the American with Disabilities Act Amendments Act (ADAAA) if you have a disability and would like to request and accommodation in order to apply for a position with Ashburn Consulting please e-mail .

Ashburn Consulting is an Equal Opportunity Affirmative Action Employer.
In compliance with the American with Disabilities Act Amendments Act (ADAAA) if you have a disability and would like to request and accommodation in order to apply for a position with Ashburn Consulting please e-mail .

Remote Work :

No

Employment Type :

Full-time