Splunk Security Engineer Jobs (NOW HIRING)

The Splunk SOAR Engineer will lead the full lifecycle of platform architecture, integration ... Adhere to security best practices and compliance requirements within the operational environment.

Experience with Metrics, Events, Logging in an environment similar to Splunk. * 2-4 years: Experience in security engineering. * 2-4 years: Experience in on-premises environment focused on security ...

Our client is seeking an IAM Security Engineer to facilitate application onboarding into their Identity and Access Management infrastructure, analyze security log data, and develop Splunk ...

Use Splunk as the primary security platform for your work * Propose innovative use cases for ... Prefer some experience in network monitoring * 1-3 years of programming experience, e.g., Python ...

Responsibilities The Mid-Level Splunk Engineer supports enterprise-wide monitoring, alerting, and ... Onboard new data sources including network appliances, servers, security tools, and applications ...

Splunk Engineer This role is part of the Verizon Corporate Information Security (CIS) Data Management and Data Protection organization. The selected candidate will be joining the CIS Enterprise Log ...

Splunk SOAR Engineer

Tampa, FL · On-site

$104K - $142K/yr

The Splunk SOAR Engineer will lead the full lifecycle of platform architecture, integration ... Adhere to security best practices and compliance requirements within the operational environment.

Senior Security Engineer

Burlington, VT · On-site +1

$114K - $157K/yr

The role is anchored in Splunk, but a Senior Security Engineer is expected to apply their engineering discipline across any platform in NuHarbor's catalog and to ramp quickly on new technologies as ...

Senior Security Engineer

Burlington, VT · On-site

$114K - $157K/yr

The role is anchored in Splunk, but a Senior Security Engineer is expected to apply their engineering discipline across any platform in NuHarbor's catalog and to ramp quickly on new technologies as ...

Splunk Security Engineer information

Salary figures: $61.5K, $152.8K, $205.5K

How much do Splunk Security Engineer jobs pay per year?

As of Jul 3, 2026, the average yearly pay for a Splunk Security Engineer in the United States is $152,773.00, according to ZipRecruiter salary data. Most workers in this role earn between $143,000.00 and $158,500.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive in the Splunk Security Engineer position, and why are they important?

To thrive as a Splunk Security Engineer, you need strong expertise in cybersecurity principles, log analysis, and experience with Splunk Enterprise or Splunk Cloud platforms, often supported by a related degree or certifications like Splunk Certified Power User or Architect. Familiarity with SIEM tools, scripting languages (e.g., Python), and integration of security data sources is essential. Strong problem-solving, attention to detail, and excellent communication skills help you collaborate effectively with IT and security teams. These skills are crucial for proactively detecting threats, improving system security, and ensuring an organization's digital safety.

What does a typical day look like for a Splunk Security Engineer?

A typical day for a Splunk Security Engineer involves monitoring security alerts and dashboards, investigating and responding to potential threats, and fine-tuning Splunk queries or correlation searches. You may work closely with SOC analysts, network engineers, and system administrators to interpret security logs, uncover patterns, and implement new detection rules or data integrations. Additionally, you might help with onboarding new data sources into Splunk and contribute to incident response activities or post-incident reviews. The role is highly collaborative and often fast-paced, requiring a blend of analytical and technical skills to keep organizational data secure.

What is a Splunk Security Engineer job?

A Splunk Security Engineer is responsible for implementing, managing, and optimizing Splunk for security operations. They design and maintain Splunk infrastructure, create alerts and dashboards, and analyze security logs to detect threats. Their role involves integrating Splunk with various security tools and developing custom use cases for threat detection and response. Additionally, they collaborate with security teams to enhance monitoring capabilities and ensure compliance with organizational security policies.

Infographic showing various Splunk Security Engineer job openings in the United States as of June 2026, with employment types broken down into 95% Full Time and 5% Contract. Highlights a 94% Physical, 2% Hybrid, and 4% Remote job distribution, with an average salary of $152,773 per year, or $73.4 per hour.
Splunk SOAR Engineer

Venatore Llc

Tampa, FL • On-site

Full-time

Medical, Dental, Vision, Retirement, PTO

Posted yesterday

Job description

About Us
Venatore is a woman-owned small business headquartered in Tampa, Florida, providing mission-driven technology and professional services to federal defense and civilian agencies. We deliver expertise in information technology, engineering, logistics, and program support to help our clients achieve operational excellence and mission success.

About the Job
Venatore is seeking a Splunk SOAR Engineer to support U.S. Central Command (USCENTCOM) operations by designing, implementing, and optimizing enterprise-level Security Orchestration, Automation, and Response (SOAR) capabilities. This role is responsible for transforming manual incident response processes into scalable, automated workflows that accelerate threat detection, containment, and remediation. The Splunk SOAR Engineer will lead the full lifecycle of platform architecture, integration, content development, and performance optimization while collaborating closely with SOC analysts, threat hunters, and incident response teams. An active TS/SCI clearance is required.

Responsibilities

Platform Architecture & Engineering

  • Design, deploy, document, and maintain distributed Splunk SOAR (Phantom) platform architecture to ensure high availability, scalability, and performance.

  • Support system upgrades, patching, and performance tuning across the SOAR infrastructure.

  • Provide advanced troubleshooting and resolution of platform issues and playbook execution errors.

  • Adhere to security best practices and compliance requirements within the operational environment.

Playbook Development & Automation

  • Develop, customize, and maintain complex SOAR playbooks using Python and the Phantom Playbook Editor for automated enrichment, triage, containment, and remediation of security incidents (e.g., phishing, malware, unauthorized access).

  • Translate manual security procedures into robust, automated workflows aligned with SecOps best practices.

  • Establish and track automation metrics, including utilization rates, automation coverage, and Mean Time to Respond (MTTR) improvements.

Integration & Interoperability

  • Integrate Splunk SOAR with Splunk Enterprise Security (ES) and other core security technologies, including EDR/XDR platforms, firewalls, vulnerability scanners, threat intelligence platforms, and ticketing systems.

  • Develop custom apps and integrations to connect proprietary or unsupported security tools using RESTful APIs and custom connectors.

  • Manage and optimize data flow between Splunk ES and Splunk SOAR to ensure effective event-triggered automation actions.

Collaboration & Documentation

  • Partner with SOC analysts, threat hunters, and incident response teams to gather requirements and document workflows.

  • Develop and maintain detailed technical documentation for platform configurations, integrations, and automation content.

  • Provide training and mentorship to SOC staff on SOAR usage, content development, and automation best practices.

  • Evaluate and integrate emerging security technologies and threat intelligence feeds into the automation ecosystem.

Required Qualifications

  • Active TS/SCI security clearance.

  • U.S. citizenship.

  • Applicable DoD 8140 or DoD 8570 certification.

  • 8+ years of related experience in security engineering or security operations.

  • Hands-on expertise with Splunk SOAR (Phantom) administration, configuration, and maintenance in a distributed enterprise environment.

  • Advanced proficiency in Python scripting for playbook development, custom apps, and integrations.

  • Proven experience integrating SOAR platforms with Splunk Enterprise Security (ES), SIEMs, EDR/XDR tools, and other security technologies.

  • Strong understanding of security operations principles, incident response lifecycles, and threat detection methodologies.

  • Experience working with RESTful APIs and developing tool connectors.

  • Proficiency in data manipulation, log parsing, and understanding of the Common Information Model (CIM) in a security context.

  • Strong verbal and written communication skills with the ability to convey complex automation concepts to technical and non-technical audiences.

Preferred Qualifications

  • Familiarity with cloud security logging, containerization (Docker/Kubernetes), and CI/CD pipelines for playbook deployment.

  • Knowledge of the MITRE ATT&CK framework and its application in automated detection and response use cases.

  • Experience using Git or other version control systems for SOAR content management.

  • Familiarity with network protocols, Windows and Linux operating systems, and enterprise security architecture components.

  • Splunk Enterprise Security Certified Admin or Architect certification.

  • Splunk SOAR (Phantom) Certified Content Developer or Administrator certification.

  • Experience with other SOAR platforms (e.g., Palo Alto Cortex XSOAR, IBM Resilient).

  • Experience supporting USCENTCOM or multi-domain defense security operations environments.

  • ITIL 4 Foundation certification.

Benefits
Venatore offers a competitive benefits package designed to support the well-being of our employees, including:

  • Paid Time Off (PTO)

  • 10 Federal Holidays

  • 401(k) with company matching

  • Medical, dental, and vision insurance

  • Paid parental leave

  • Paid military leave

Venatore is an equal opportunity employer and considers qualified applicants without regard to disability or protected veteran status.