
Splunk Analyst Jobs (NOW HIRING)

Security Analytics & SOC Enablement * Translate SOC, threat hunting, threat intelligence, incident response, and leadership requirements into Splunk architecture, data, dashboard, reporting, and ...

NextRow Digital is looking to add a Splunk administrator to work on various client projects. This ... Strong analytical and problem-solving skills -Fundamental understanding of software, cloud ...

Splunk Data Analyst

Laurel, MD · On-site

$103.80K - $218.10K/yr

Splunk Data Analyst Job Category: Information Technology Time Type: Full time Minimum Clearance Required to Start: TS/SCI with Polygraph Employee Type: Regular Percentage of Travel Required: None ...

... Analysis. Our Staffing division handles niche staffing needs for companies of all sizes by ... Support, admin, maintain, and expand Splunk infrastructure to meet future architecture design and ...

Splunk Engineer

Herndon, VA · On-site

$112K - $179K/yr

Responsibilities The Mid-Level Splunk Engineer supports enterprise-wide monitoring, alerting, and analytics across the customer's operational and security environments. This position develops and ...


Splunk - data / log analysis tool experience like Splunk and elastic search, has designed systems for HA, DR, Cloud Problem solving, incident management and resolution, participating as needed on any ...


This role requires a detail-oriented individual who can effectively analyze and interpret data to support our cybersecurity initiatives. Top 3 Required Skills/Experience: Expertise in Splunk Search ...


Plan and implement Splunk premium apps, such as Splunk ES, app for Exchange, and User Behavior Analytics. * Migrate existing operational processes to Splunk for automation and efficiency. * Document ...

Washington, DC Role Assist in "after action" reviews to identify lessons learned and best practices General Splunk monitoring, analysis, content development and maintenance Requirements Splunk ...

SOAR, IT Services Infrastructure (ITSI), User Behavior Analysis (UBA), or ES (SIEM). Works with customers to plan and implement complex Splunk customer solutions. Skill Level 4 : * Skills and Tasks

Direct experience as a Splunk Engineer or Architect Prior experience engineering and deploying analytics and SIEM SOC solutions in a large enterprise environment (>50 servers) Scripting and ...


Splunk Analyst information


How much do splunk analyst jobs pay per year?

As of Jun 3, 2026, the average yearly pay for splunk analyst in the United States is $76,273.00, according to ZipRecruiter salary data. Most workers in this role earn between $57,500.00 and $90,000.00 per year, depending on experience, location, and employer.

What is a Splunk Analyst job?

A Splunk Analyst is responsible for using Splunk, a powerful data analysis and monitoring tool, to collect, analyze, and visualize machine-generated data. They help organizations monitor system performance, detect security threats, and troubleshoot technical issues. Their role often involves creating dashboards, writing search queries, and optimizing Splunk performance. Splunk Analysts are commonly found in IT operations, cybersecurity, and business intelligence teams.

What are the key skills and qualifications needed to thrive in the Splunk Analyst position, and why are they important?

To thrive as a Splunk Analyst, you need strong data analysis, log management, and cybersecurity skills, often backed by a degree in computer science, information technology, or a related field. Proficiency with Splunk software, including Splunk Enterprise and Splunk Security Information and Event Management (SIEM), as well as relevant certifications like Splunk Certified Power User or Splunk Certified Admin, is highly beneficial. Attention to detail, analytical thinking, and effective problem-solving and communication skills are valuable soft skills for this position. These competencies are crucial for efficiently monitoring, interpreting, and acting on complex data to enhance an organization's security and operational effectiveness.

What are the typical daily responsibilities of a Splunk Analyst?

A Splunk Analyst typically spends their day monitoring and analyzing log data from various systems to detect security threats, performance issues, or operational bottlenecks. They create and maintain dashboards, develop search queries, and generate reports to provide actionable insights to stakeholders. Collaboration is common, with Splunk Analysts frequently working alongside IT, cybersecurity, and operations teams to investigate incidents and recommend improvements based on their findings. This role requires ongoing attention to emerging trends and adapting monitoring strategies to stay ahead of potential risks.

Is it hard to get a job as a Splunk Analyst?

Getting a job as a Splunk Analyst can be competitive and typically requires relevant technical skills such as data analysis, familiarity with Splunk software, and sometimes certifications like Splunk Certified Power User. Having a strong understanding of IT environments and experience with log management can improve your chances of securing the role.
Infographic showing various Splunk Analyst job openings in the United States as of May 2026, with employment types broken down into 94% Full Time, and 6% Part Time. Highlights an 84% Physical, 7% Hybrid, and 9% Remote job distribution, with an average salary of $76,273 per year, or $36.7 per hour.
Splunk Architect Lead


ECS

Portland, OR • On-site

Full-time

Posted 14 days ago
Job description

Everforth ECS is seeking a Splunk Architect Lead to work in our Portland, OR office. Please Note: This position is contingent upon contract award.
The Splunk Architect and Lead is responsible for defining, guiding, and overseeing the architecture, implementation, optimization, and governance of Splunk capabilities that support cybersecurity monitoring, threat detection, incident response, reporting, and enterprise security operations. This role provides technical leadership for Splunk Enterprise, Splunk Enterprise Security, Splunk Cloud, and related integrations across complex operational environments.
The ideal candidate combines deep Splunk architecture expertise, hands-on engineering experience, security operations knowledge, and leadership ability to guide engineers, analysts, stakeholders, and vendors. This role establishes scalable designs, enforces technical standards, ensures platform reliability, and translates mission and SOC requirements into secure, maintainable, and operationally effective Splunk solutions.
Key Responsibilities
Splunk Architecture & Strategy
  • Define and maintain the target Splunk architecture, including indexer clusters, search head clusters, deployment servers, heavy forwarders, universal forwarders, apps, add-ons, integrations, storage, and high-availability components.
  • Develop technical roadmaps, architecture recommendations, implementation plans, and modernization strategies for Splunk Enterprise, Splunk Enterprise Security, Splunk Cloud, or hybrid Splunk environments.
  • Ensure Splunk architecture supports SOC operations, security monitoring, incident response, compliance reporting, data retention, scalability, resilience, and performance requirements.
  • Assess current-state capabilities, identify architectural gaps, and recommend improvements aligned to program priorities, operational needs, and cybersecurity best practices.

Technical Leadership & Governance
  • Serve as the technical lead for Splunk engineering activities, providing direction, review, and mentorship to Splunk engineers, security engineers, analysts, and other technical contributors.
  • Establish and enforce Splunk standards for index naming, sourcetypes, field extractions, Common Information Model alignment, knowledge objects, access controls, app deployment, configuration management, and change control.
  • Review major design decisions, configuration changes, content deployments, and integration approaches for technical soundness, maintainability, security, and operational impact.
  • Coordinate Splunk engineering priorities, assign technical work as needed, and ensure deliverables are completed accurately, consistently, and on schedule.

Platform Design, Scalability & Reliability
  • Lead design efforts for platform performance, capacity, storage, retention, data lifecycle management, search concurrency, licensing, disaster recovery, backup, and high availability.
  • Oversee platform health monitoring, performance tuning, system optimization, upgrade planning, patching strategies, and long-term maintenance planning.
  • Guide troubleshooting of complex issues involving ingestion delays, parsing problems, skipped or dropped data, search performance, data model acceleration, app conflicts, and infrastructure dependencies.
  • Partner with infrastructure, cloud, network, identity, endpoint, and system administration teams to ensure Splunk architecture integrates securely and reliably with the broader environment.

Data Architecture & Integration Oversight
  • Define data onboarding architecture and integration patterns for security, infrastructure, cloud, endpoint, network, identity, application, vulnerability, and operational data sources.
  • Oversee normalization, parsing, field extraction, data routing, index design, retention settings, source coverage, and Splunk Common Information Model implementation.
  • Prioritize data source onboarding based on mission value, SOC use cases, detection requirements, compliance needs, and platform capacity constraints.
  • Ensure integrations with EDR, NDR, firewalls, IDS/IPS, proxy, DNS, cloud platforms, identity providers, ticketing systems, SOAR platforms, and case management tools are secure, reliable, and supportable.

Security Analytics & SOC Enablement
  • Translate SOC, threat hunting, threat intelligence, incident response, and leadership requirements into Splunk architecture, data, dashboard, reporting, and detection engineering capabilities.
  • Provide technical guidance for correlation searches, notable event rules, dashboards, reports, risk-based alerting, data models, content packs, and security monitoring use cases.
  • Support detection tuning, alert fidelity improvement, false-positive reduction, source coverage analysis, and monitoring gap remediation in coordination with SOC leadership and analysts.
  • Ensure Splunk content and data capabilities support timely triage, investigation, evidence retrieval, event reconstruction, and operational reporting.

Implementation Oversight & Quality Assurance
  • Lead or oversee implementation activities for Splunk platform components, integrations, apps, add-ons, dashboards, reports, alerts, and security content.
  • Validate engineering work products, test plans, deployment packages, configuration changes, and operational procedures before release into production environments.
  • Ensure Splunk changes follow approved change management, configuration management, testing, documentation, and rollback processes.
  • Coordinate with vendors, product support, and external technical teams to resolve complex issues and evaluate new capabilities.

Stakeholder Engagement & Program Support
  • Act as the primary technical point of contact for Splunk architecture, platform strategy, implementation risks, technical dependencies, and capability planning.
  • Brief program leadership, SOC leadership, technical teams, and stakeholders on Splunk status, risks, roadmap items, architectural decisions, and recommended investments.
  • Translate complex Splunk platform issues, data coverage gaps, and technical tradeoffs into clear operational and business language.
  • Support planning, estimation, schedule coordination, status reporting, and prioritization for Splunk-related initiatives.

Documentation, Standards & Continuous Improvement
  • Develop and maintain architecture diagrams, engineering standards, design documents, runbooks, operational procedures, troubleshooting guides, and technical decision records.
  • Maintain governance for knowledge object management, role-based access, app lifecycle management, source onboarding, dashboard standards, and detection content lifecycle processes.
  • Evaluate emerging Splunk features, apps, add-ons, integrations, automation approaches, and security analytics practices to improve reliability, efficiency, and mission value.
  • Mentor technical staff and promote consistent Splunk engineering practices, SPL development standards, data quality expectations, and operational discipline.

  • 7+ years of experience in cybersecurity engineering, SIEM architecture, security operations, infrastructure engineering, or related technical roles.
  • 5+ years of hands-on Splunk administration, engineering, implementation, or architecture experience in enterprise, mission-critical, or security operations environments.
  • Proven experience designing, leading, or supporting complex Splunk Enterprise, Splunk Enterprise Security, Splunk Cloud, or distributed Splunk environments.
  • Strong understanding of Splunk architecture, including indexers, search heads, deployment servers, forwarders, apps, add-ons, indexes, sourcetypes, knowledge objects, permissions, data models, and licensing.
  • Demonstrated experience with data onboarding, parsing, field extraction, normalization, Common Information Model alignment, dashboards, reports, correlation searches, and SPL development.
  • Experience leading technical teams, reviewing engineering work products, establishing standards, and coordinating complex implementation or optimization activities.
  • Understanding of SOC operations, incident response, threat hunting, detection engineering, cybersecurity data sources, and security monitoring use cases.
  • Strong written and verbal communication skills, including the ability to brief technical and non-technical stakeholders on architecture, risks, priorities, and recommendations.