
Splunk Architect Security Clearance

Job in Reston, Fairfax County, Virginia, 20190, USA
Listing for: The Informatics Applications Group
Full Time position
Listed on 2026-01-07
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer, Security Manager, Data Security
Job Description & How to Apply Below
Position: Splunk Architect with Security Clearance
TIAG is now hiring a Splunk Architect/Splunk SME to support upcoming work within the DHA. This work is anticipated to start in February 2026 and will be fully remote. The Splunk Architect serves as the program's Splunk SIEM technical authority. The role manages and maintains Splunk to ensure visibility of the customer systems, supports incident response operations, and delivers leadership dashboards and reporting.

This position requires an active Splunk Enterprise Certified Architect certification to be considered. Public Trust clearance is required.

Primary Responsibilities
* Own Splunk platform administration, configuration, and ongoing maintenance to ensure stable operations.
* Onboard and sustain required log sources and data feeds; validate data quality, completeness, and coverage.
* Develop and maintain searches, alerts, correlation rules, and reporting to support monitoring and triage.
* Build and sustain operational and leadership dashboards; deploy initial dashboards rapidly and maintain availability targets.
* Produce weekly monitoring reports covering alerts, incidents, and compliance status for government leadership.
* Review Splunk-generated vulnerability and threat alerts; notify designated personnel and provide mitigation recommendations within required timelines.
* Implement and maintain integrations between Splunk and security tools (e.g., firewalls, IDS/IPS, threat feeds) to improve visibility and response.
* Enable incident response workflows through automation and analyst-facing data views to accelerate triage and prioritization.
* Participate in governance activities (e.g., change control/working groups) and provide technical inputs and status updates as assigned.

Qualifications
* Active Splunk Enterprise Certified Architect certification
* A minimum of 3 years of demonstrated enterprise Splunk architecture and administration experience (data onboarding, dashboards, alerting, reporting).
* Experience integrating SIEM with security tools and log sources; ability to engineer reliable data pipelines.
* Ability to develop executive-ready dashboards and operational reporting on a recurring cadence.
* Ability to meet High Risk Public Trust (Tier 4) suitability requirements.

Preferred Qualifications
* Experience supporting federal cybersecurity programs in regulated environments (FISMA/HIPAA/NIST).
* Hands-on incident response support experience and SIEM-driven triage workflows.
* Experience with Splunk Enterprise Security (ES), SOAR automation, and detection engineering at scale.