
Senior Splunk Engineer - Infrastructure Operations

Job in Kearney, Buffalo County, Nebraska, 68845, USA
Listing for: GovCIO
Full Time position
Listed on 2026-05-30
Job specializations:
  • IT/Tech
    Cybersecurity, IT Support
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly
Job Description & How to Apply Below

Overview

GovCIO is currently hiring a Systems Architect (Senior) / Senior Splunk Engineer - Infrastructure Operations to support our Administrative Office of the US Courts NLS project. The NLS currently ingests an average of 18-20 TB of logging data daily across 60 indexers distributed in 2 data centers. This position is located within the United States and is fully remote.

Responsibilities
  • Design, implement, and operate the Splunk Core, Enterprise Security, IT Service Intelligence (i.e., ITSI), Phantom (Security Orchestration, Automation, and Response (SOAR)), Splunk Cloud, Splunk On-Call, and Multi-Site Index Clustering environment.
  • Monitor overall Splunk health through the Monitoring Console (DMC) including indexer, search head, and cluster master status.
  • Track indexing rates, license usage, queue health, and search concurrency to identify performance or ingestion issues early.
  • Monitor CPU, memory, and disk utilization across all Splunk components to ensure optimal resource usage.
  • Respond promptly to health alerts, DMC warnings, or anomalies observed on monitoring dashboards.
  • Investigate and resolve common user-reported issues such as access problems, failed searches, or non-triggering alerts.
  • Troubleshoot data ingestion, parsing, and indexing issues across Universal Forwarders, Heavy Forwarders, and HEC endpoints.
  • Investigate missing or duplicate logs, timestamp errors, or source type misassignments and elevate complex parsing issues to Engineering.
  • Validate new data source onboardings by confirming source type assignment, timestamp accuracy, and field extraction integrity.
  • Support data source owners with forwarder deployment, syslog setup, and connectivity troubleshooting during initial onboarding.
  • Maintain data flow visibility from source → forwarder → indexer to confirm data completeness and performance.
  • Rotate and update credentials, API keys, or tokens used in data inputs, integrations, alerts, and scheduled searches.
  • Manage RBAC user and role mappings, handling access requests, entitlement reviews, and permission troubleshooting.
  • Provide end-user assistance with SPL searches, reports, alerts, and dashboards, including query optimization tips.
  • Maintain and update knowledge base articles, SOPs, and FAQs for repeatable issues and troubleshooting steps.
  • Log and elevate platform or parsing issues to the Engineering team with evidence such as logs, screenshots, and correlation IDs.
  • Open and manage Splunk Support cases for platform-level bugs, license problems, or critical system faults.
  • Monitor and manage ITSI service health, including KPIs, correlation searches, NEAP policies, and summary index latency.
  • Troubleshoot ITSI-related issues such as broken KPIs, delayed episodes, or missing notable events.
  • Perform capacity management by monitoring index growth, bucket rotation, and frozen data retention policies.
  • Conduct periodic system maintenance tasks, including orphaned object cleanup and knowledge object review.
  • Verify and maintain compliance with data governance and retention policies, ensuring secure and auditable configurations.
  • Participate in DR testing and validation to ensure Splunk data recovery and HA configurations are functioning as expected.
  • Document incidents, RCA findings, and preventive actions for future reference.
  • Collaborate closely with the Engineering team for escalations, root-cause investigations, and deployment verifications.
Qualifications

Bachelor's with 10 years (or commensurate experience) OR Master's degree or higher (in a related discipline) with 7 years' experience

Required Skills and Experience
  • Expert skills in Enterprise Security, ITSI, SOAR, and the Splunk product line.
  • Able to design, implement, and operate the Splunk Core, Enterprise Security, IT Service Intelligence (i.e., ITSI), Phantom (Security Orchestration, Automation, and Response (SOAR)), Splunk Cloud, Splunk On-Call, and Multi-Site Index Clustering environment.
Clearance Required

Must be able to obtain and maintain AOUSC Public Trust

Company Overview

GovCIO is a team of transformers--people who are passionate about transforming government IT. Every day, we make a positive impact by delivering innovative IT…

Position Requirements
10+ Years work experience