1

Splunk Power User Jobs in Oregon (NOW HIRING)

Senior SIEM Engineer

$114K - $156K/yr

Splunk Core Certified Power User and Splunk Enterprise Certified Admin. Splunk Certified Architect, Splunk Enterprise Security Certified Admin, or Splunk Core Certified Consultant is strongly ...

Apps AI Solution Architect AMS

OR · Remote

$59 - $77.75/hr

... powered, end-to-end solutions for all industries. Atos Group is the brand under which Atos SE ... Lead the design of UI/UX flows, user-facing AI interactions, conversational interfaces, and AI ...

Apps AI Solution Architect AMS

OR · On-site +1

$59 - $77.75/hr

... powered, end-to-end solutions for all industries. Atos Group is the brand under which Atos SE ... Lead the design of UI/UX flows, user-facing AI interactions, conversational interfaces, and AI ...

... confident decisions powered by AI and real signals. By combining our scale, insights, and AI ... user base * Produce high-quality results by leading large cross-functional projects that have a ...

Splunk Power User information

See Oregon salary details

$30.7K

$123.7K

$167.6K

How much do splunk power user jobs pay per year?

As of Jul 2, 2026, the average yearly pay for splunk power user in Oregon is $123,703.00, according to ZipRecruiter salary data. Most workers in this role earn between $104,700.00 and $141,100.00 per year, depending on experience, location, and employer.

How does a Splunk Power User typically collaborate with IT and security teams within an organization?

A Splunk Power User frequently acts as a bridge between raw data and actionable insights for both IT and security teams. They work closely with team members to create meaningful dashboards, alerts, and reports tailored to each department's needs. This role often involves translating technical requirements into Splunk searches and visualizations, facilitating faster troubleshooting and incident response. Regular collaboration ensures that data sources are properly onboarded and that the organization leverages Splunk's full potential for monitoring, compliance, and security.

What is the role of power user in Splunk?

A Splunk Power User is responsible for creating and managing searches, dashboards, and reports within the platform, often providing advanced support to users. They possess strong knowledge of Splunk's search processing language (SPL) and may assist with optimizing data queries and configurations to improve system performance.

What is the difference between Splunk Power User vs Splunk Administrator?

AspectSplunk Power UserSplunk Administrator
CredentialsBasic Splunk certifications, familiarity with Splunk queriesAdvanced certifications, deeper knowledge of Splunk architecture
Work EnvironmentEnd-users, analysts, and reporting rolesSystem management, deployment, and maintenance
Industry UsageData analysis, troubleshooting, and reportingSystem setup, configuration, and health monitoring

Splunk Power Users focus on analyzing data and creating reports using Splunk, while Splunk Administrators handle system setup, configuration, and maintenance. Both roles require familiarity with Splunk but differ in technical depth and responsibilities.

How much does Splunk power user training cost?

Splunk Power User training costs typically range from $2,000 to $4,000 for instructor-led courses, depending on the provider and training format. Online self-paced options may be less expensive, often around $1,000 to $2,500. Additional costs may include certification exams and training materials.

Is it hard to get hired at Splunk?

Getting hired as a Splunk Power User typically requires relevant experience with Splunk software, strong analytical skills, and familiarity with data analysis and troubleshooting. Employers often look for certifications like Splunk Certified Power User or Administrator, and the hiring process may include technical assessments and interviews. The difficulty varies based on the candidate's skills and the job market demand.

What are the key skills and qualifications needed to thrive as a Splunk Power User, and why are they important?

To thrive as a Splunk Power User, you need a solid understanding of data analysis, search processing language (SPL), and system monitoring, typically supported by experience with IT operations or cybersecurity. Familiarity with the Splunk platform, dashboards, reports, and ideally a Splunk Power User certification are important technical assets. Strong problem-solving, attention to detail, and effective communication skills help users interpret data insights and collaborate with technical teams. These skills and qualities enable efficient use of Splunk for identifying issues, optimizing performance, and supporting organizational security and compliance.

What are Splunk Power Users?

Splunk Power Users are individuals who have advanced knowledge and skills in using Splunk for searching, analyzing, and visualizing machine data. They are proficient in creating complex searches, dashboards, alerts, and reports, and often help organizations derive insights from large volumes of data. Power Users typically have access to more features than standard users, such as creating knowledge objects and managing data models, but less access than Splunk administrators. They play a crucial role in maximizing the value of Splunk within an organization by building efficient queries and sharing actionable insights with teams.

Is Splunk in high demand?

Splunk Power Users are in high demand due to the increasing need for data analysis, security monitoring, and IT operations management. Organizations seek professionals skilled in using Splunk for real-time data insights, often requiring certifications and experience with related tools like scripting and dashboards.
What are popular job titles related to Splunk Power User jobs in Oregon? For Splunk Power User jobs in Oregon, the most frequently searched job titles are:
What job categories do people searching Splunk Power User jobs in Oregon look for? The top searched job categories for Splunk Power User jobs in Oregon are:
Infographic showing various Splunk Power User job openings in Oregon as of June 2026, with employment types broken down into 65% Full Time, 22% Part Time, 4% Temporary, and 9% Contract. Highlights an 92% Physical, 3% Hybrid, and 5% Remote job distribution, with an average salary of $123,703 per year, or $59.5 per hour.
Senior SIEM Engineer

$114K - $156K/yr

Full-time

Medical, Dental, Vision, Life

Posted 10 days ago


Job description

Position Description

Valiant Solutions is seeking a Senior SIEM Engineer to join our rapidly growing and innovative cybersecurity team!

The Senior SIEM Engineer serves as the technical lead for the design, deployment, tuning, and sustainment of the enterprise Security Information and Event Management (SIEM) platform that supports the client's Security Operations Center (SOC). This role owns the health and performance of the SIEM environment that ingests logs and telemetry across endpoint, network, cloud, operating system, and application layers, and feeds the 24x7x365 monitoring mission. Working alongside SOC analysts, threat hunters, engineering teams, and the client's stakeholders, the Senior SIEM Engineer translates detection requirements into production-ready content, integrates the SIEm with SOAR, EDR, CDM, and identity platforms, and builds the dashboards, correlation searches, and data models that allow Tier 1 through Tier 3 analysts to triage, investigate, and respond to threats within the client's's contractual timeframes. The position requires deep, hands-on SIEM expertise, strong cloud and federal cybersecurity context, and the judgment to balance ingest costs, data quality, detection coverage, and compliance with OMB M-26-14, NIST SP 800-53, NIST SP 800-61, and NIST SP 800-137.

Named one of the Best Places to Work in the Washington DC area for 12 consecutive years, Valiant is proud of our employee-centric culture and commitment to excellence. If you are interested in learning more about Valiant and this opportunity, we invite you to apply now!

Location: Remote, ideally in the Washington, DC Metro Area. Remote work requires a high level of trust in our employees, and we strictly adhere to the details outlined in our Remote Work Policy below. 

Eligibility Requirements: U.S. Citizenship is required due to federal contract obligations, and applicants must be able to successfully pass a federal background investigation.

Required Experience:

  • Eight or more years of cybersecurity engineering experience, with at least five years dedicated to SIEM architecture, administration, and content development.
  • Hands-on experience designing and operating distributed SIEM deployments at enterprise scale, including indexer clusters, search head clusters, heavy and universal forwarders, deployment servers, and license management.
  • Demonstrated experience writing, tuning, and optimizing queries, correlation searches, data models, accelerated summaries, lookups, and macros.
  • Working knowledge of security focused SIEM components, including notable event framework, risk-based alerting, asset and identity frameworks, and adaptive response actions.
  • Experience in onboarding diverse data sources at scale, including operating system logs, network flow and packet data, cloud platform logs (AWS CloudTrail, GuardDuty, VPC Flow, Config), endpoint telemetry, application logs, and identity provider logs.
  • Experience integrating SIEM with SOAR platforms, Endpoint Detection and Response tools, Continuous Diagnostics and Mitigation (CDM) data feeds, vulnerability management platforms, and ticketing systems such as ServiceNow.
  • Working knowledge of AWS GovCloud services and the design patterns used to forward, normalize, and secure log data from cloud-native sources.
  • Familiarity with the MITRE ATT&CK framework and experience translating adversary techniques into SIEM detection content.
  • Working knowledge of NIST SP 800-53, NIST SP 800-61, and NIST SP 800-137, and the ability to map SIEM controls and continuous monitoring practices to those frameworks.
  • Experience supporting incident response activities, including building investigation dashboards, preserving log evidence, and producing artifacts for post-incident reporting.
  • Strong scripting and automation skills in at least one of Python, Bash, or PowerShell, and comfort with version control using Git.
  • Beneficial Splunk certifications: Splunk Core Certified Power User and Splunk Enterprise Certified Admin. Splunk Certified Architect, Splunk Enterprise Security Certified Admin, or Splunk Core Certified Consultant is strongly preferred.
  • Required to obtain and maintain a Non-Sensitive / High Risk (Public Trust) security clearance at the Tier 4/6c level.
  • Strong written and verbal communication skills, with the ability to brief technical findings to SOC leadership, ISSOs, and senior Government officials.

 

Responsibilities:

  • Lead the architecture, deployment, upgrade, and sustainment of the SIEM environment supporting the client's SOC, including indexer and search head clusters, forwarders, and supporting infrastructure.
  • Monitor SIEM platform health, license usage, indexing latency, search performance, and ingest rates, and proactively address capacity, performance, and availability issues.
  • Onboard new data sources by defining requirements, configuring inputs and forwarders, building parsing and field extractions, and validating Common Information Model (CIM) compliance.
  • Develop, tune, and maintain correlation searches, notable events, dashboards, reports, and data models that support Tier 1 triage within fifteen minutes of detection and Tier 2 analysis within four hours of escalation.
  • Build and maintain SOC dashboards that provide real-time visibility into the client's security posture, supporting both day-to-day operations and executive reporting.
  • Translate detection requirements from threat hunters, CTI analysts, and engineering teams into production SIEM content mapped to the MITRE ATT&CK framework.
  • Integrate SIEM with SOAR, EDR, NDR, DLP, CDM, vulnerability management, and identity platforms to support automated triage, enrichment, and response.
  • Reduce false positive rates and alert fatigue by tuning correlation rules, refining thresholds, and applying risk-based alerting techniques.
  • Support incident response by building investigation queries, producing timeline reconstructions, preserving evidence, and contributing artifacts to initial incident reports within one hour of confirmation and final reports within seventy-two hours.
  • Author and maintain Engineering Design Documents, Standard Operating Procedures, runbooks, and configuration guides for the SIEM environment, and review them on the cadence required by the SOC CONOPS.
  • Partner with the Security Architect and engineering leads to align SIEM design with Zero Trust principles, the client's Technology Standards, and the agency's broader cybersecurity reference architecture.
  • Manage SIEM-related changes through the client's change control process, including impact assessments, back-out plans, and presentations to the Engineering Review Board and Change Control Board.
  • Provide knowledge transfer and informal training to SOC analysts, engineers, and system owners on SIEM usage, search development, and dashboard interpretation.
  • Apply secure configuration baselines, role-based access controls, and audit logging to the SIEM environment to meet federal compliance requirements.
  • Track and report on SIEM-related metrics, including ingest volume by source, detection coverage by MITRE technique, mean time to detect, and platform availability.
  • Stay current on SIEM product roadmap items, new applications and add-ons, and emerging detection techniques, and recommend improvements to the client's SIEM strategy.

About Valiant Solutions

Valiant Solutions is a security-focused IT solutions provider with public clients nationwide. Named one of the fastest growing privately held companies by Inc. 5000, Washington Technology's Fast 50, and Washington Business Journal's Best Places to Work in the D.C. area, Valiant Solutions prides itself on providing its employees with great benefits and career development opportunities. As a company, we are just as committed to growing careers as we are to building world-class IT solutions, all while enjoying an unparalleled work-life balance. We are in a phase of tremendous growth and building the team that will take us to the next level. We seek people whose talents and accomplishments will contribute to a thriving company, who have the character to support their capacity, and can make a positive impact on our culture. Alongside our talented team, you'll learn to think quickly on your feet and expand your own personal and professional skill set. Our management team will inspire you to consider new perspectives and challenge you to become a better practitioner in the fast-paced industry of IT security. We hire people we respect - and we trust them to deliver results leveraging their expertise. If you would enjoy working in a dynamic environment as part of a stellar team of professionals, then we invite you to apply online today.

Benefits Snapshot (includes, but not limited to)Valiant pays 99% of the Medical, Dental, and Vision Coverage for Full-time EmployeesValiant contributes 25% towards Health Coverage for Family and Dependents100% Paid Short Term Disability and Life Insurance Policy for Full-time Employees100% Paid Certifications401K Matching up to 4%Paid Time OffPaid Federal HolidaysWellness & Fitness ProgramValiant University - Online Education and Training PortalFSA programs for: Medical Costs, Dependent Care, Transit, and ParkingReferral Bonuses

Remote Work Policy 

Remote work necessitates a high level of trust in our employees. To ensure that employee performance does not suffer in a remote work environment, all employees who telecommute are expected to have a quiet and distraction-free workspace with adequate internet, dedicate their full attention and availability to their job duties during working hours, and maintain a schedule during core business hours that align with those of their coworkers and Valiant's clients. In alignment with Valiant's inclusive and engaging environment, cameras are encouraged and can be required to be on during virtual video conferences. Additionally, in alignment with the Office of the Inspector General's effort to eliminate conflicting employment, all Valiant employees are required to disclose any current or future outside employment engagements. During onboarding and throughout employment, employees must disclose any current activities or intent to engage in outside employment or other professional activities and obtain written approval.  Employees may not solicit or conduct any outside business during core business hours for Valiant Solutions and our clients.

Equal Employment Opportunity

Valiant Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability, genetic information, marital status, or veteran status, in accordance with applicable law.

Physical Demands

Sitting or standing at a desk for prolonged periods of time and consistent operation of a computer. Frequent communication and exchanging of accurate information via electronic communication, phones, and in person. Occasionally lift and/or move moderate amounts of weight, typically less than 20 pounds. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of the job.

Authorization to Share Resume and Personal Information

By submitting your resume for this position, you authorize Valiant Solutions to share your resume, as well as, personal information included on the resume, with its subsidiaries, affiliates and teaming partners for the purpose of considering you for this position and other available positions requiring comparable skills, education and experience. Should Valiant Solutions or its affiliates and teaming partners wish to initiate pre-employment discussions, you will be asked to complete an employment application and related employment documents.

#LI-JM1

Employment Type: FULL_TIME