Splunk Engineer Security Clearance

Position: Splunk Engineer with Security Clearance
Overview Seeking a Splunk Engineer with strong experience in Splunk Enterprise administration, SPL development, data onboarding, and infrastructure management to support secure, mission-focused environments. This hybrid position requires 2–3 days per week onsite in a SCIF. Security Clearance:
Active TS/SCI with Polygraph in DISS

Minimum Requirements:

Bachelor’s degree (BA/BS) required; preferred fields include Computer Science, Computer Engineering, Mathematics, Statistics, or a related technical discipline
3+ years of experience with Splunk Enterprise
Experience developing searches, reports, alerts, and dashboards using Splunk Search Processing Language (SPL)
Hands-on experience managing Splunk infrastructure, including Indexers, Search Heads, Universal Forwarders, and Index Clusters
Experience onboarding, ingesting, and indexing new data sources
Familiarity with Splunk configuration files (e.g., inputs.conf, props.conf) and troubleshooting via both GUI and command-line interfaces
1+ year of experience with Linux and/or Windows system administration
Experience creating architectural and infrastructure diagrams
Proficiency with SharePoint, Jira, and Confluence
Experience working within Agile/Scrum teams
Ability to provide status updates, presentations, and briefings to stakeholders
Availability to work onsite in a SCIF environment 2–3 days per week

Key Responsibilities:

Design, develop, and maintain Splunk dashboards, reports, alerts, and monitoring solutions
Administer and support Splunk environments, including infrastructure components, configurations, and performance optimization
Perform data onboarding, parsing, normalization, and indexing for new log sources
Troubleshoot and resolve Splunk system, infrastructure, and configuration issues
Develop and maintain technical documentation, architecture diagrams, and operational procedures
Collaborate with engineering, security, and operations teams to support monitoring and analytics initiatives
Provide regular progress updates and technical briefings to stakeholders
Support continuous improvement efforts through automation and process optimization Skills and Proficiencies:
Splunk Enterprise administration and engineering
Search Processing Language (SPL)
Linux and Windows system administration
Data ingestion, parsing, and indexing
Infrastructure management and troubleshooting
Scripting and automation
AWS cloud technologies
Infrastructure as Code (IaC)
Agile/Scrum methodologies
Technical documentation and diagram creation Additional Information:

Experience with Splunk Enterprise Security (ES) preferred

Experience with Splunk User Behavior Analytics (UBA) preferred

Experience with automation tools and Infrastructure as Code (IaC)
Experience developing scripts and integrations using Python, Bash, Boto3, JSON, YAML, and XML
Experience working within AWS environments

Experience with Docker, Kubernetes, and Ansible
Strong verbal and written communication skills
Excellent organizational and time management skills
Experience supporting secure government environments and SCIF operations is highly desirable Preferred

Certifications:

Splunk Enterprise Certified Admin
Splunk Enterprise Certified Architect
Splunk Enterprise Security Certification
Splunk User Behavior Analytics Certification