Remote Splunk Engineer Jobs in Virginia (NOW HIRING)

About NDi:

Network Designs, Inc. (NDi) is a leading Federal contractor that specializes in designing, developing, and delivering information technology and network solutions for government customers. Founded in 1985, NDi's firmly defined core values have driven all aspects of the business, which have been paramount to our company's success and the establishment of an enjoyable workplace atmosphere. At NDi, we believe that our people are the cornerstone of our success, and we value collaboration, career growth, and winning ideas. Military Veterans Encouraged to Apply.

Job Description:

The Splunk Dashboard Engineer is responsible for the design, development, and implementation of high-visibility data visualizations that transform complex Continuous Diagnostics and Mitigation (CDM) data into actionable intelligence. This role bridges the gaps between technical security telemetry and system and application teams and executive-level decision-making. You will build dashboards that track compliance against NIST SP 800-53 controls, NIST CSF and NIST RMF frameworks, providing Executives with top-level information needed for decision-making, and System Owners and System and Application Teams with the visibility required to remediate vulnerabilities and bolster the agency's security posture.

Requirements:

• U.S. Citizenship is required
• Must be able to obtain a Public Trust clearance.
• This position is remote with occasional travel to DC, MD, VA, WV, NJ, and OK.

Qualifications and Experience:

• Bachelor's degree in Computer Science, Information Systems, Cybersecurity, Engineering, Mathematics, Technology, or a related IT, engineering, math, or science discipline.
• Certifications: Certified Information Systems Security Professional (CISSP) or Certified Information Systems Auditor (CISA), and Splunk Core Certified Power User or Splunk Cloud Certified Administrator.
• 6+ years of experience in Splunk development, security analytics, or enterprise monitoring environments.
• Strong understanding of the Splunk Common Information Model (CIM) to ensure disparate data sources are normalized for unified reporting.
• Demonstrated experience delivering front-end Splunk dashboards, visualizations, and user-focused analytics for SOC, engineering, compliance, and executive audiences.
• Technical experience leveraging Agile Development practices, Jira, Proficiency in HTML/CSS and JavaScript for advanced dashboard customization and "glass table" views.
• Deep familiarity with the NIST Risk Management Framework (RMF) and how CDM data supports the "Monitor" step.
• Prior experience working within a Civilian or Federal CISO office focusing on NIST compliance, vulnerability management, and Security Information and Event Management (SIEM).

Required Tools and Technologies:

• Splunk Platform
• Splunk Enterprise and/or Splunk Cloud
• Splunk Search Processing Language (SPL) for advanced searches, analytics, and data correlation
• Splunk Dashboard Studio and Classic Simple XML
• Splunk Enterprise Security (ES) (preferred): correlation searches, notable events, risk-based alerting
• Splunk Common Information Model (CIM) and data models
• Splunk Lookups, KV Store, summary indexing, and scheduled searches
• Splunk Role-Based Access Control (RBAC) and knowledge object management
• Front-End Development & Visualization
• Dashboard design and customization using Simple XML
• HTML, CSS, and JavaScript for UI customization and advanced dashboard behavior
• SplunkJS SDK (as applicable)
• Data visualization best practices for security and operational analytics
• Data Sources & Integrations
• Log ingestion and normalization from:
• Firewalls, IDS/IPS, VPNs, endpoint protection platforms
• Identity systems (Active Directory, IAM solutions)
• Operating systems (Windows, Linux)
• Cloud platforms (AWS, Azure, GCP)
• Experience with log forwarders, parsing, field extraction, and sourcetypes
• Security & SIEM Technologies
• SIEM and security monitoring concepts
• Familiarity with:
• Firewalls, IDS/IPS (e.g., Snort, Suricata)
• Endpoint security tools
• Threat detection and incident response workflows
• Understanding of cyber threats, attack vectors, and log-based detection methods
• Automation & Scripting (Supporting)
• Python and/or PowerShell for data analysis, automation, or API integration
• REST APIs for integrating Splunk with external systems
• Security frameworks and standards NIST RMF, FISMA, FedRAMP, ISO 27001, DoD STIGs

Responsibilities:

• Stakeholder Engagement: Conduct requirement-gathering sessions with System Owners, System and Application Teams, and Executives to define Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs).
• Data Visualization & UX: Design and maintain complex dashboards using Splunk XML (Simple XML), Splunk Search Processing Language (SPL) and Splunk Dashboard Studio to provide real-time visibility into CDM data.
• Compliance Mapping: Translate NIST control requirements (e.g., AC, AU, CM, SI families) into technical Splunk queries (SPL) to automate compliance reporting.
• Data Integration: Collaborate with System, Application, and Data Engineers to ensure CDM data feeds (Hardware/Software Asset Management, Vulnerability Management, and Identity Management) are correctly indexed and CIM-compliant.
• Optimization: Audit and tune existing dashboard queries to ensure high performance, minimal load times, and efficient use of system resources.
• Training and Demo Sessions: Lead interactive training and demonstration sessions for System Owners, application teams, and executives to facilitate dashboard adoption and secure formal sign-off on visualization requirements and dashboard acceptance.

Splunk Front-End Development:

• Master proficiency with Splunk Search Processing Language (SPL), including writing advanced, optimized queries using transforms like stats, eval, rex, mstats, and tstats for high-speed data retrieval.
• Strong experience developing and customizing:
• Splunk dashboards using Classic XML and Dashboard Studio
• Interactive forms, tokens, drilldowns, and role-based views
• Ability to optimize dashboards and SPL queries for performance, scalability, and usability.

Data Visualization & User Experience:

• Strong understanding of data visualization principles and best practices.
• Experience translating complex log and security data into clear, actionable insights and executive-level metrics.
• Ability to design dashboards aligned to KPIs, SLAs, and operational goals.

Security Analytics & SIEM Knowledge:

• Ability to interpret CDM data models by navigating and utilizing CDM Agency Dashboard data models to ensure consistency with federal reporting standards.
• Experience performing root cause analysis. Utilizing dashboards to identify security gaps, misconfigurations, or data quality issues within the environment.
• Strong knowledge of:
• Cyber threats, attack vectors, APTs, and log-based detection
• SIEM concepts and SOC workflows

Data Onboarding & Normalization:

• Strong understanding of data ingestion, parsing, and field extraction from diverse sources such as Firewalls, IDS/IPS, endpoint tools, cloud platforms (AWS, Azure, GCP), and operating systems
• Experience applying Splunk CIM data models to support reusable analytics and dashboards.
• Experience with automating reporting by developing scheduled reports and PDF delivery mechanisms to provide recurring updates for FISMA and NIST audits

Governance, Compliance & Reporting:

• Experience supporting compliance and reporting aligned with NIST, FISMA, FedRAMP, ISO 27001, and DoD STIGs.
• Ability to develop audit-ready dashboards and reports supporting security assessments and ATO activities.
• Experience documenting SPL logic, data sources, and dashboard functionality.

Analytical & Problem-Solving Skills:

• Proficient in standard and advanced analytical techniques to correlate events, identify trends, and surface anomalies.
• Ability to troubleshoot dashboard performance, data quality, and visualization issues across complex environments.
• Apply data-driven analysis to improve monitoring coverage and security visibility.

Collaboration, Communication, and Professional Attributes:

• Strong ability to communicate technically and strategically; explain complex "broken" security controls to technical teams while summarizing the "so what" for executive leadership.
• Collaborate with SOC analysts, engineers, auditors, and leadership to gather requirements and deliver effective Splunk solutions.
• Strong organizational, time-management, and multitasking skills.
• Highly responsive and customer-focused.
• Detail-oriented with a strong emphasis on data accuracy and consistency.
• Ability to work with confidential and proprietary information with discretion.
• Commitment to staying current with Splunk platform enhancements, visualization capabilities, and security analytics best practices.

Compensation and Benefits:

At NDi, we value our team and are committed to retaining top talent by offering competitive benefits and compensation packages. Our employee benefits package includes comprehensive health, dental, vision, pet, and legal insurance. Our corporate benefits include 401(k) retirement matching, paid leave, paid holidays, and health and wellness programs. In addition, we provide employer-paid life and disability insurance, professional development, education benefits, and much more to ensure our team has the resources they need to thrive on and off the job.

Veterans First Commitment:

As a Service-Disabled Veteran-Owned Small Business (SDVOSB), NDi is dedicated to hiring veterans and providing a supportive work environment that honors their service while recognizing the unique skills and experiences they bring to our organization.

Our Commitment:

Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status or other characteristics protected by law.

Apply Now: Take advantage of this unique opportunity to join one of the fastest-growing companies in Federal contracting!