Security Engineer III, Splunk Architect; TS Clearance

Job Summary

As a Splunk Engineer/Architect, you will design, implement, and optimize Splunk solutions to support security monitoring, log management, and operational analytics for clients.

• Design, implement, and optimize Splunk architectures to support security monitoring, log management, and operational analytics.
• Develop and maintain Splunk dashboards, alerts, reports, searches, and data models aligned to client and business requirements.
• Integrate data sources into Splunk, including infrastructure, cloud, application, and security technologies.
• Support use case development for threat detection, incident response, compliance monitoring, and operational visibility.
• Create and maintain architecture diagrams, technical documentation, implementation standards, and administration procedures.

• Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Engineering, or a related technical field
• Active Top‑Secret Clearance
• Ability to work onsite up to 5 days a week
• 2+ years of experience with:
• Implementing and supporting Splunk Enterprise or Splunk Cloud
• Developing Splunk dashboards, reports, alerts, and saved searches
• Onboarding and normalizing log sources from infrastructure, applications, cloud platforms, or security tools
• Security Information and Event Management (SIEM) concepts, security monitoring, or threat detection use cases
• Working knowledge of TCP/IP, networking protocols, and system log analysis
• Experience with SPL, data models, and role‑based access controls
• Must have one or more of the following certifications:
  Splunk Core Certified Power User, Splunk Enterprise Certified Admin, or Splunk Enterprise Security certification
• Ability to travel 20%, on average, based on the work you do and the clients and industries/sectors you serve
• Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future

• 1+ year of experience supporting Splunk in AWS, Azure, or GCP
• 5+ years of experience with Splunk Enterprise Security, Splunk SOAR, or security orchestration workflows
• 5+ years of experience integrating Splunk with endpoint, identity, firewall, or cloud security tools
• 1+ year of experience with Python, automation scripting, or infrastructure as code tools
• Experience supporting regulated or federal environments

The wage range for this role is $102,500 – $188,900. You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program.