1

Splunk Administrator Jobs in Reston, VA (NOW HIRING)

Design, build, implement, and administer Splunk infrastructure in on-prem and cloud environments. * Create, manage, and support automation solutions for Splunk deployment and orchestration in on-prem ...

Design, build, implement, and administer Splunk infrastructure in on-prem and cloud environments. * Create, manage, and support automation solutions for Splunk deployment and orchestration in on-prem ...

Splunk Engineer

Herndon, VA · On-site

$112K - $179K/yr

Current Splunk Core Certified Power User, Admin, or Architect certification. * Experience supporting federal or DoD environments and familiarity with RMF (Risk Management Framework). * Experience ...

Splunk Engineer

Herndon, VA · On-site

$112K - $179K/yr

Current Splunk Core Certified Power User, Admin, or Architect certification. * Active CompTIA Security+, CySA+, CASP+, CISSP, or equivalent DoD 8570 IAT Level II. * Experience supporting federal or ...

Splunk Engineer

Washington, DC · On-site

$112K - $179K/yr

Current Splunk Core Certified Power User, Admin, or Architect certification. * Experience supporting federal or DoD environments and familiarity with RMF (Risk Management Framework). * Experience ...

Splunk Enterprise Certified Admin. * 1-3 years of demonstratable experience in implementing or maintaining a Splunk environment. * 1 year of demonstrable experience in building Splunk content (e.g ...

Current Splunk Core Certified Power User, Admin, or Architect certification. * Experience supporting federal or DoD environments and familiarity with RMF (Risk Management Framework). * Experience ...

Splunk Enterprise Certified Admin. * 1-3 years of demonstratable experience in implementing or maintaining a Splunk environment. * 1 year of demonstrable experience in building Splunk content (e.g ...

Current Splunk Core Certified Power User, Admin, or Architect certification. * Experience supporting federal or DoD environments and familiarity with RMF (Risk Management Framework). * Experience ...

Splunk Engineer

Riverdale, MD · On-site

$112K - $179K/yr

Current Splunk Core Certified Power User, Admin, or Architect certification. * Experience supporting federal or DoD environments and familiarity with RMF (Risk Management Framework). * Experience ...

Splunk Engineer

Herndon, VA · On-site

$112K - $179K/yr

Current Splunk Core Certified Power User, Admin, or Architect certification. * Experience supporting federal or DoD environments and familiarity with RMF (Risk Management Framework). * Experience ...

Current Splunk Core Certified Power User, Admin, or Architect certification. * Experience supporting federal or DoD environments and familiarity with RMF (Risk Management Framework). * Experience ...

Splunk Enterprise Certified Admin. * 1-3 years of demonstratable experience in implementing or maintaining a Splunk environment. * 1 year of demonstrable experience in building Splunk content (e.g ...

Splunk Engineer

Alexandria, VA · On-site

$140K - $150K/yr

Splunk Enterprise Certified Administrator certification. * Foundational knowledge and experience with Linux operating systems. * Experience working in cloud environments. * Experience supporting ...

Ashburn is seeking a Senior Splunk Engineer to support a federal cybersecurity architecture opportunity. This Key Personnel role will support enterprise SIEM operations, Splunk architecture, data ...

Ashburn is seeking a Senior Splunk Engineer to support a federal cybersecurity architecture opportunity. This Key Personnel role will support enterprise SIEM operations, Splunk architecture, data ...

Ashburn is seeking a Senior Splunk Engineer to support a federal cybersecurity architecture opportunity. This Key Personnel role will support enterprise SIEM operations, Splunk architecture, data ...

Splunk Consultant Duration : 6 Months Location : Washington,DC Role Assist in "after action" reviews to identify lessons learned and best practices General Splunk monitoring, analysis, content ...

next page

Showing results 1-20

Splunk Administrator information

What are the key skills and qualifications needed to thrive as a Splunk Administrator, and why are they important?

To thrive as a Splunk Administrator, you need strong knowledge of system administration, log management, and data analysis, typically supported by a bachelor’s degree in IT or related fields. Familiarity with Splunk Enterprise, SPL (Search Processing Language), and certifications like Splunk Certified Power User or Splunk Certified Admin are highly valued. Problem-solving ability, attention to detail, and effective communication are essential soft skills for success in this role. These competencies ensure reliable system performance, efficient data insights, and seamless collaboration with IT and security teams.

How much is the Splunk admin exam?

The Splunk Certified Power User exam for administrators typically costs around $200 USD. Prices may vary depending on the certification level and region, and candidates should check the official Splunk certification website for the most current fees and exam details.

What is the difference between Splunk Administrator vs Security Information and Event Management (SIEM) Analyst?

AspectSplunk AdministratorSIEM Analyst
Required CertificationsSplunk Certified User, Splunk Core Certified Power UserGIAC Security Essentials, CompTIA Security+
Work EnvironmentIT teams managing Splunk deployments, data analysisSecurity teams monitoring security events, incident response
Employer & Industry UsageTech, finance, healthcare, any industry using SplunkCybersecurity firms, enterprise security departments

While both roles involve data analysis and security, a Splunk Administrator primarily manages and maintains Splunk platforms, ensuring data ingestion and system performance. In contrast, a SIEM Analyst focuses on analyzing security events, identifying threats, and responding to incidents using SIEM tools, including Splunk. Both roles often collaborate but serve different core functions within an organization's security and data infrastructure.

Is Splunk in high demand?

Splunk Administrators are in high demand due to the increasing need for cybersecurity, data analysis, and IT operations management. Organizations seek professionals skilled in managing and optimizing Splunk environments, often requiring certifications and experience with log management and data visualization tools.

What does a Splunk administrator do?

A Splunk administrator manages and maintains the Splunk platform, ensuring data is properly ingested, indexed, and searchable. They configure dashboards, set up alerts, troubleshoot issues, and optimize system performance, often using scripting and knowledge of security protocols. Certification in Splunk and familiarity with IT environments are common requirements.

What are some common challenges Splunk Administrators face when managing large-scale deployments?

Splunk Administrators often encounter challenges related to indexing large volumes of data, maintaining system performance, and ensuring data security across distributed environments. Managing data retention policies, optimizing search queries, and troubleshooting indexing or forwarding issues are routine tasks that require strong problem-solving skills. Collaboration with security, IT, and development teams is essential to ensure data sources are properly onboarded and dashboards meet organizational needs. Staying current with Splunk updates and best practices is also crucial for scalability and system reliability.

What are Splunk Administrators?

Splunk Administrators are IT professionals responsible for installing, configuring, managing, and maintaining Splunk environments. They ensure that Splunk software runs efficiently, managing data ingestion, indexing, and user access. Their role often includes troubleshooting issues, optimizing performance, and supporting users with dashboards and searches. Additionally, they may be involved in implementing security controls and integrating Splunk with other tools to enhance data analysis and reporting.

Is it hard to get hired at Splunk?

As a Splunk Administrator, securing a job can depend on your experience with Splunk software, data analysis skills, and relevant certifications. Employers often look for candidates with hands-on experience, knowledge of scripting, and understanding of IT environments, making the hiring process competitive for those with the right skills and qualifications.
What are popular job titles related to Splunk Administrator jobs in Reston, VA? For Splunk Administrator jobs in Reston, VA, the most frequently searched job titles are:
What job categories do people searching Splunk Administrator jobs in Reston, VA look for? The top searched job categories for Splunk Administrator jobs in Reston, VA are:
What cities near Reston, VA are hiring for Splunk Administrator jobs? Cities near Reston, VA with the most Splunk Administrator job openings:
Splunk Content Developer

Splunk Content Developer

Leidos

Arlington, VA • On-site

Full-time

Re-posted 11 days ago


Leidos rating

8.4

Company rating: 8.4 out of 10

Based on 149 frontline employees who took The Breakroom Quiz

56th of 449 rated business services


Job description

Leidos has an immediate need for a Splunk Content Developer for a new customer on a highly-visible and strategic
Cybersecurity Task Order.
The Splunk Content Developer SME will install and maintain Splunk infrastructure, gather requirements from customers, onboard data, and assist end users with searches, dashboards, reports, and knowledge objects. The Splunk Engineer SME may be required to interact with senior management, as necessary.
  • Conceptualize, design, build, and maintain current and future customer-supported tools and platforms

  • Manage multiple assignments, changing priorities, and work independently with little oversight

  • Develop data storage, access, and retention strategies for a large IT enterprise using industry standards and best

practices to advise Customer executive-level stakeholders
  • Design, build, implement, and administer Splunk infrastructure in on-prem and cloud environments.

  • Create, manage, and support automation solutions for Splunk deployment and orchestration in on-prem and cloud

environments
  • Work with existing and custom Splunk applications and add-ons to fulfill customer needs

  • Provide overall engineering and design support for a distributed Splunk environment consisting of heavy forwarders,

indexers, and search head servers, spanning security, performance, a operational roles
  • Onboard data to Splunk via forwarder, scripted inputs, TCP/UDP, and modular inputs from various sources

  • Normalize data to ensure CIM compliance, and develop data models to accelerate queries, dashboards, and

correlation searches
  • Work closely with all relevant stakeholders to solve technical problems at the network, system, and application levels

  • Conduct periodic architectural reviews of Splunk and related systems to assess effectiveness and propose optimal

installation alternatives as required
  • Develop and manage comprehensive documentation, artifacts, procedures, and processes for the optimal

management of the Splunk infrastructure
Basic Qualifications:
  • Bachelor's Degree and 12-15 years of experience in system administration, database administration, network engineering, software engineering, or software development, with a concentration in Cybersecurity . Additional years of experience and Cyber certifications may be considered in lieu of a degree.

  • 12-15 years of experience with Linux and Windows system administration or an expert understanding of

operating systems and common operating environments
  • Ten (10) years of experience with Splunk in distributed deployments

  • Current Splunk Enterprise Certified Architect certification

  • Excellent written and oral skills, ability to work closely with multiple customers, manage expectations, and track

engagement scope
  • Experience implementing FISMA, NIST, NSA, and other information security, cybersecurity and CDM-related

industry policies, procedures, guidelines, standards, and best practices
  • Expert-level knowledge and ability with Splunk Enterprise Security or integration with other Security Information

and Event Management (SIEM) platforms
  • Extensive experience with advanced configuration of Splunk including Indexer Clustering and Search Head

Clustering
  • Proficient at data on-boarding activities including routing, parsing, and normalizing events to the Splunk Common

  • Information Model (CIM)

  • Proficiency onboarding data using Splunk-developed add-ons for Windows, Linux, and common third-party devices

and applications
  • Experience onboarding data into Splunk via forwarder, scripted inputs, TCP/UDP, and modular inputs from a variety

of sources
  • Proficiency managing Splunk using the Splunk command-line interface

  • Proficiency managing Splunk using configuration files

  • Experience collaborating with separate engineering teams to configure data sources for Splunk integration

  • Intermediate understanding of SQL and common SQL dialects

  • Proficiency implementing and onboarding data in Splunk DB Connect

  • Experience with Splunk performing systems administration, including performing installation, configuration,

  • monitoring system performance and availability, upgrades, and troubleshooting

  • General networking and security troubleshooting (firewalls, routing, NAT, etc.)

  • Splunk architecture/design, implementation, and troubleshooting experience

  • Experience in managing, maintaining, and administering multi-site indexer cluster

  • Proficiency developing log ingestion and aggregation strategies per Splunk best practices

  • Perform integration activities to configure, connect, and pull data with 3rd party software APIs

  • Experience implementing and optimizing Splunk data models

  • Proficient in regular expressions

  • Scripting and development skills (Bash, Python, or PowerShell)

  • Ability to autonomously prioritize and successfully deliver across a portfolio of projects

  • Department of Homeland Security ESOC employees are required to obtain an Entry on Duty (EOD) clearance to

support this program
Preferred Certifications (one or more of the following): Splunk Certified Consultant, Splunk Certified Architect, CASP, GCWN, GISF, GSSP, GICSP, CCNP, CCNP Security, CCIE Security, CEH, ENSA, ECSP, MCSE, VCP, BCAP, VCIX, VCDX, RHCA, RHCE
If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo - because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 - and moving faster than anyone else dares.
Original Posting:
May 4, 2026
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range:
Pay Range $131,300.00 - $237,350.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

What Leidos employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom


Leidos logo

About Leidos

Sourced by ZipRecruiter

At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customers' success. We empower our teams, contribute to our communities, and operate sustainable practices. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community.

Industry

It services

Company size

10,000+ Employees

Headquarters location

Reston, VA, US

Social media