2

Remote Splunk Jobs in Portland, OR (NOW HIRING)

The Splunk Architect and Lead is responsible for defining, guiding, and overseeing the architecture, implementation, optimization, and governance of Splunk capabilities that support cybersecurity ...

Senior Splunk Engineer

Portland, OR · On-site +1

$125K - $148K/yr

The Senior Splunk Engineer designs, implements, maintains, and optimizes Splunk capabilities that support cybersecurity monitoring, investigation, reporting, and security operations. This role is ...

SIEMs like Splunk; or other security stack tools). * Product Expert Mindset: A passion for becoming ... Fully remote working environment: While we have physical offices in Sydney & Hobart, we do not ...

DevOps (Remote Position)

Portland, OR · On-site +1

$56 - $76.50/hr

Company Description Job Position: DevOps Consultant Location: Portland, OR Long Term Contract Note: Can be done remotely with some client site travel BASIC QUALIFICATIONS: * Impeccable communication ...

DevOps (Remote Position)

Portland, OR · Remote

$56 - $76.50/hr

Job Position: DevOps Consultant Location: Portland, OR Long Term Contract Note: Can be done remotely with some client site travel BASIC QUALIFICATIONS: * Impeccable communication skills and customer ...

Contribute to developing cutting-edge AI systems, while enjoying the flexibility of remote work and setting your own schedule. We are looking for existing cybersecurity professionals to help advance ...

Contribute to developing cutting-edge AI systems, while enjoying the flexibility of remote work and setting your own schedule. We are looking for existing cybersecurity professionals to help advance ...

Lead DevOps Engineer

Portland, OR · Remote

$54 - $74/hr

Remote * Contract or B2B arrangement Our values We are a company that seeks the best for both our employees and clients, reaching beyond expectations in turning dreams into reality. Our way of ...

Sr. Principal IAM Security Engineer

Portland, OR · Remote

$121K - $166K/yr

Remote Eligible Team: Cyber Defense - IAM Autodesk's Cyber Defense team is looking fora Sr.Principal IAMSecurityEngineer tolead the strategy and execution for modern Identity and Access Management ...

Remote Splunk information

See Portland, OR salary details

$43

$63

$81

How much do remote splunk jobs pay per hour?

As of Jul 3, 2026, the average hourly pay for remote splunk in Portland, OR is $63.81, according to ZipRecruiter salary data. Most workers in this role earn between $56.35 and $70.34 per hour, depending on experience, location, and employer.

What is a Remote Splunk job?

A Remote Splunk job involves working with Splunk, a data analysis and monitoring platform, from a remote location. Responsibilities typically include configuring, managing, and troubleshooting Splunk environments, creating dashboards, and analyzing log data to identify security or operational issues. These roles are common in cybersecurity, IT operations, and data analytics. Remote Splunk professionals need expertise in Splunk software, data ingestion, scripting, and sometimes cloud platforms.

What does a typical workday look like for someone in a Remote Splunk role?

In a Remote Splunk role, your day typically involves monitoring and analyzing log data to detect security incidents, creating and optimizing Splunk queries, building dashboards, and collaborating with IT or security teams to troubleshoot issues. Most tasks are performed independently from your home office, but you’ll often participate in virtual meetings to review findings, implement solutions, and support ongoing projects. You may also spend time documenting processes, providing input on best practices, and staying updated on new Splunk features or security trends. This remote structure allows for flexibility while remaining highly connected to team goals and incident response efforts.

What are the key skills and qualifications needed to thrive in the Remote Splunk position, and why are they important?

To excel as a Remote Splunk professional, you need strong analytical skills, experience with Splunk or SIEM tools, and a background in IT, cybersecurity, or systems administration. Familiarity with Splunk Enterprise, Splunk Cloud, SPL (Search Processing Language), and relevant certifications like Splunk Certified Power User or Administrator is highly beneficial. Excellent problem-solving abilities, attention to detail, and effective communication are key soft skills for this role. These competencies help ensure the efficient detection, analysis, and mitigation of security incidents while facilitating effective teamwork in a remote environment.

What are the most commonly searched types of Splunk jobs in Portland, OR? The most popular types of Splunk jobs in Portland, OR are:
What are popular job titles related to Remote Splunk jobs in Portland, OR? For Remote Splunk jobs in Portland, OR, the most frequently searched job titles are:
What job categories do people searching Remote Splunk jobs in Portland, OR look for? The top searched job categories for Remote Splunk jobs in Portland, OR are:
Infographic showing various Remote Splunk job openings in Portland, OR as of June 2026, with employment types broken down into 64% Full Time, and 36% Contract. Highlights an 100% Remote job distribution, with an average salary of $132,733 per year, or $63.8 per hour.
Splunk Architect Lead

Splunk Architect Lead

ECS

Portland, OR • On-site, Remote

Full-time

Posted 14 days ago


Job description

Everforth ECS is seeking a Splunk Architect Lead to work in our Portland, OR office or Remotely.
The Splunk Architect and Lead is responsible for defining, guiding, and overseeing the architecture, implementation, optimization, and governance of Splunk capabilities that support cybersecurity monitoring, threat detection, incident response, reporting, and enterprise security operations. This role provides technical leadership for Splunk Enterprise, Splunk Enterprise Security, Splunk Cloud, and related integrations across complex operational environments.
The ideal candidate combines deep Splunk architecture expertise, hands-on engineering experience, security operations knowledge, and leadership ability to guide engineers, analysts, stakeholders, and vendors. This role establishes scalable designs, enforces technical standards, ensures platform reliability, and translates mission and SOC requirements into secure, maintainable, and operationally effective Splunk solutions.
Key Responsibilities
Splunk Architecture & Strategy
  • Define and maintain the target Splunk architecture, including indexer clusters, search head clusters, deployment servers, heavy forwarders, universal forwarders, apps, add-ons, integrations, storage, and high-availability components.
  • Develop technical roadmaps, architecture recommendations, implementation plans, and modernization strategies for Splunk Enterprise, Splunk Enterprise Security, Splunk Cloud, or hybrid Splunk environments.
  • Ensure Splunk architecture supports SOC operations, security monitoring, incident response, compliance reporting, data retention, scalability, resilience, and performance requirements.
  • Assess current-state capabilities, identify architectural gaps, and recommend improvements aligned to program priorities, operational needs, and cybersecurity best practices.

Technical Leadership & Governance
  • Serve as the technical lead for Splunk engineering activities, providing direction, review, and mentorship to Splunk engineers, security engineers, analysts, and other technical contributors.
  • Establish and enforce Splunk standards for index naming, sourcetypes, field extractions, Common Information Model alignment, knowledge objects, access controls, app deployment, configuration management, and change control.
  • Review major design decisions, configuration changes, content deployments, and integration approaches for technical soundness, maintainability, security, and operational impact.
  • Coordinate Splunk engineering priorities, assign technical work as needed, and ensure deliverables are completed accurately, consistently, and on schedule.

Platform Design, Scalability & Reliability
  • Lead design efforts for platform performance, capacity, storage, retention, data lifecycle management, search concurrency, licensing, disaster recovery, backup, and high availability.
  • Oversee platform health monitoring, performance tuning, system optimization, upgrade planning, patching strategies, and long-term maintenance planning.
  • Guide troubleshooting of complex issues involving ingestion delays, parsing problems, skipped or dropped data, search performance, data model acceleration, app conflicts, and infrastructure dependencies.
  • Partner with infrastructure, cloud, network, identity, endpoint, and system administration teams to ensure Splunk architecture integrates securely and reliably with the broader environment.

Data Architecture & Integration Oversight
  • Define data onboarding architecture and integration patterns for security, infrastructure, cloud, endpoint, network, identity, application, vulnerability, and operational data sources.
  • Oversee normalization, parsing, field extraction, data routing, index design, retention settings, source coverage, and Splunk Common Information Model implementation.
  • Prioritize data source onboarding based on mission value, SOC use cases, detection requirements, compliance needs, and platform capacity constraints.
  • Ensure integrations with EDR, NDR, firewalls, IDS/IPS, proxy, DNS, cloud platforms, identity providers, ticketing systems, SOAR platforms, and case management tools are secure, reliable, and supportable.

Security Analytics & SOC Enablement
  • Translate SOC, threat hunting, threat intelligence, incident response, and leadership requirements into Splunk architecture, data, dashboard, reporting, and detection engineering capabilities.
  • Provide technical guidance for correlation searches, notable event rules, dashboards, reports, risk-based alerting, data models, content packs, and security monitoring use cases.
  • Support detection tuning, alert fidelity improvement, false-positive reduction, source coverage analysis, and monitoring gap remediation in coordination with SOC leadership and analysts.
  • Ensure Splunk content and data capabilities support timely triage, investigation, evidence retrieval, event reconstruction, and operational reporting.

Implementation Oversight & Quality Assurance
  • Lead or oversee implementation activities for Splunk platform components, integrations, apps, add-ons, dashboards, reports, alerts, and security content.
  • Validate engineering work products, test plans, deployment packages, configuration changes, and operational procedures before release into production environments.
  • Ensure Splunk changes follow approved change management, configuration management, testing, documentation, and rollback processes.
  • Coordinate with vendors, product support, and external technical teams to resolve complex issues and evaluate new capabilities.

Stakeholder Engagement & Program Support
  • Act as the primary technical point of contact for Splunk architecture, platform strategy, implementation risks, technical dependencies, and capability planning.
  • Brief program leadership, SOC leadership, technical teams, and stakeholders on Splunk status, risks, roadmap items, architectural decisions, and recommended investments.
  • Translate complex Splunk platform issues, data coverage gaps, and technical tradeoffs into clear operational and business language.
  • Support planning, estimation, schedule coordination, status reporting, and prioritization for Splunk-related initiatives.

Documentation, Standards & Continuous Improvement
  • Develop and maintain architecture diagrams, engineering standards, design documents, runbooks, operational procedures, troubleshooting guides, and technical decision records.
  • Maintain governance for knowledge object management, role-based access, app lifecycle management, source onboarding, dashboard standards, and detection content lifecycle processes.
  • Evaluate emerging Splunk features, apps, add-ons, integrations, automation approaches, and security analytics practices to improve reliability, efficiency, and mission value.
  • Mentor technical staff and promote consistent Splunk engineering practices, SPL development standards, data quality expectations, and operational discipline.

Salary Range:$165,000-$200,000
General Description of Benefits
  • U.S. Citizenship with ability to obtain and maintain a DOE "L" clearance after start.
  • 7+ years of experience in cybersecurity engineering, SIEM architecture, security operations, infrastructure engineering, or related technical roles.
  • 5+ years of hands-on Splunk administration, engineering, implementation, or architecture experience in enterprise, mission-critical, or security operations environments.
  • Proven experience designing, leading, or supporting complex Splunk Enterprise, Splunk Enterprise Security, Splunk Cloud, or distributed Splunk environments.
  • Strong understanding of Splunk architecture, including indexers, search heads, deployment servers, forwarders, apps, add-ons, indexes, sourcetypes, knowledge objects, permissions, data models, and licensing.
  • Demonstrated experience with data onboarding, parsing, field extraction, normalization, Common Information Model alignment, dashboards, reports, correlation searches, and SPL development.
  • Experience leading technical teams, reviewing engineering work products, establishing standards, and coordinating complex implementation or optimization activities.
  • Understanding of SOC operations, incident response, threat hunting, detection engineering, cybersecurity data sources, and security monitoring use cases.
  • Strong written and verbal communication skills, including the ability to brief technical and non-technical stakeholders on architecture, risks, priorities, and recommendations.