Splunk Siem Engineer Jobs (NOW HIRING)

Senior Cybersecurity Engineer

Charlotte, NC · Hybrid

$111K - $153K/yr

Job Summary We are seeking a highly experienced Senior Splunk SIEM / Cybersecurity Engineer to design, implement, optimize, and manage enterprise-scale security monitoring and analytics platforms.

The Platform SIEM Engineer II's primary goal is to provide expert production support for the ... Splunk * Google SecOps * Microsoft Sentinel * Securonix * CrowdStrike NG SIEM * Palo Alto XSIAM

SIEM Data Engineer

Quincy, MA · On-site

$45 - $50/hr

for SIEM Data Engineer Position Who we are looking for: Cyber Data & Analytics team is looking for ... Splunk data administration, Cribl Stream, GitOps (Cribl code deployed using GitOps), Confluence ...

SIEM Engineer

AL · On-site +1

$100K/yr

SIEM Engineer Clearance: None Location: Huntsville, AL/Remote Salary*: $100,000+ per year ... Write complex queries using languages like SPL (Splunk) or SQL to analyze and transform data.

SIEM Engineer II

Chicago, IL · On-site

$133K - $166K/yr

As a SIEM Engineer II, you will play a key role in the implementation, optimization, and day-to ... SecOps), Splunk, Exabeam, Microsoft Sentinel). * Cribl Development - Support the design and ...

SIEM Engineer

Huntsville, AL · Remote

$100K/yr

SIEM Engineer Clearance: None Location: Huntsville, AL/Remote Salary*: $100,000+ per year ... Write complex queries using languages like SPL (Splunk) or SQL to analyze and transform data.

SIEM Engineer II

Austin, TX · On-site

$133K - $166K/yr

As a SIEM Engineer II, you will play a key role in the implementation, optimization, and day-to ... SecOps), Splunk, Exabeam, Microsoft Sentinel). * Cribl Development - Support the design and ...

Splunk Admin

Dallas, TX · On-site

$110K - $130K/mo

... SIEM • Management and support parsing fields from unstructured logs • Administration and support for Splunk cluster environment • Assist in developing use cases to fulfill gaps that may be ...

Splunk Siem Engineer information

Salary chart values: $54.5K, $126K, $181K

How much do Splunk SIEM Engineer jobs pay per year?

As of Jun 19, 2026, the average yearly pay for a Splunk SIEM Engineer in the United States is $126,034.00, according to ZipRecruiter salary data. Most workers in this role earn between $104,500.00 and $145,500.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Splunk SIEM Engineer, and why are they important?

To thrive as a Splunk SIEM Engineer, you need strong expertise in security information and event management (SIEM), log analysis, scripting, and a background in cybersecurity, often supported by a computer science degree or related certifications. Familiarity with Splunk Enterprise Security, Splunk Query Language (SPL), and certifications like Splunk Certified Power User or Splunk Certified Admin are commonly required. Analytical thinking, problem-solving skills, and effective communication help engineers interpret security data and collaborate with IT teams. These skills are crucial for proactively detecting threats, optimizing security operations, and ensuring the resilience of organizational IT environments.

What are some common challenges faced by Splunk SIEM Engineers when integrating new data sources?

Splunk SIEM Engineers often encounter challenges such as inconsistent log formats, lack of documentation from data source owners, and ensuring data normalization for effective correlation and analysis. Additionally, dealing with high data volume while maintaining system performance and security compliance can be demanding. Close collaboration with IT, security teams, and application owners is critical to troubleshoot issues and fine-tune data onboarding processes.

What is the difference between a Splunk SIEM Engineer and a Security Analyst?

| Aspect | Splunk SIEM Engineer | Security Analyst |
|---|---|---|
| Certifications | Splunk Certified Power User, Splunk Certified Admin | CompTIA Security+, GIAC Security Essentials |
| Work Environment | Focus on configuring, maintaining, and optimizing Splunk SIEM tools | Monitor security alerts, investigate incidents, and implement security measures |
| Industry Usage | Primarily in cybersecurity, IT operations, and compliance | Across cybersecurity teams, incident response, and risk management |

The Splunk SIEM Engineer specializes in deploying and managing Splunk SIEM solutions, ensuring data ingestion and system performance. In contrast, the Security Analyst focuses on analyzing security data, investigating threats, and responding to incidents. While both roles require security knowledge and certifications, the engineer emphasizes system setup and maintenance, whereas the analyst emphasizes threat detection and response.

Is Splunk in high demand?

Splunk SIEM Engineer roles are in high demand due to the increasing need for cybersecurity and data analysis skills. Organizations seek professionals with expertise in Splunk, log management, and security monitoring to enhance their threat detection and compliance efforts.

What does a Splunk SIEM Engineer do?

A Splunk SIEM Engineer is responsible for designing, implementing, and managing Splunk Security Information and Event Management (SIEM) solutions within an organization. They monitor security events, create dashboards, and develop alerts to detect and respond to potential threats. Their work involves integrating various data sources into Splunk, maintaining system performance, and ensuring compliance with security policies. Splunk SIEM Engineers also play a key role in incident response and help organizations improve their overall security posture.

How much does a SIEM engineer make?

A SIEM engineer's salary typically ranges from $80,000 to $130,000 annually, depending on experience, certifications, and location. Senior roles or those with specialized skills in tools like Splunk can earn higher salaries, often exceeding $150,000. Compensation also varies based on the complexity of security environments and organizational size.

What engineers make $500,000?

Senior engineers in specialized fields such as software engineering, data engineering, or cybersecurity can earn $500,000 or more annually, especially with extensive experience, advanced skills, and relevant certifications. High-level roles often include leadership responsibilities and may involve stock options or bonuses that contribute to total compensation.

How much do Splunk engineers make?

Splunk SIEM engineers typically earn between $80,000 and $130,000 annually, depending on experience, certifications, and location. Senior roles or those with advanced skills in data analysis and security may earn higher salaries, especially in high-demand markets.
More about Splunk Siem Engineer jobs
Infographic showing various Splunk Siem Engineer job openings in the United States as of June 2026, with employment types broken down into 2% As Needed, 86% Full Time, 7% Temporary, and 5% Contract. Highlights an 87% Physical, 5% Hybrid, and 8% Remote job distribution, with an average salary of $126,034 per year, or $60.6 per hour.

Senior Cybersecurity Engineer

IntraEdge

Charlotte, NC • Hybrid

$111K - $153K/yr

Full-time

Posted 29 days ago


Job description

Job Summary
We are seeking a highly experienced Senior Splunk SIEM / Cybersecurity Engineer to design, implement, optimize, and manage enterprise-scale security monitoring and analytics platforms. The ideal candidate will possess deep expertise in Splunk technologies, SIEM engineering, threat detection, incident response, security automation, and enterprise monitoring solutions. This role will be responsible for strengthening security operations capabilities through advanced detection engineering, threat hunting, automation, and integration of diverse security technologies.
Key Responsibilities
Splunk Architecture & Administration
  • Design, implement, and maintain large-scale distributed Splunk environments including:
    • Indexers
    • Search Heads
    • Deployment Servers
    • Universal/Heavy Forwarders
  • Administer and support Splunk Enterprise, Splunk Cloud, Enterprise Security (ES), ITSI, SOAR, and UBA environments.
  • Lead Splunk Cloud migration initiatives and hybrid deployment strategies.
  • Perform upgrades, app packaging, deployment planning, and system enhancements.
  • Conduct performance tuning, index optimization, capacity planning, and troubleshooting of indexing/search performance issues.
SIEM Engineering & Security Operations
  • Design and implement enterprise SIEM solutions to support security monitoring and incident response.
  • Develop advanced SPL searches, correlation rules, alerts, reports, and dashboards for SOC operations.
  • Create and manage security use cases, notable events, and Risk-Based Alerting (RBA) workflows.
  • Improve monitoring capabilities through continuous optimization and engineering enhancements.
  • Support incident response investigations and root cause analysis activities.
Detection Engineering & Threat Hunting
  • Build and enhance detection content aligned with MITRE ATT&CK methodologies.
  • Develop detection use cases for emerging threats and attack patterns.
  • Perform proactive threat hunting activities across enterprise environments.
  • Conduct IOC analysis and behavioral analytics for advanced threat identification.
  • Enhance detection coverage and reduce false positives.
SOAR & Security Automation
  • Design and implement automation workflows using Splunk SOAR (Phantom).
  • Develop automation scripts using Python and REST APIs.
  • Integrate security orchestration workflows with enterprise security tools.
  • Streamline incident investigation and response processes through automation.
Integration & Data Engineering
  • Integrate security solutions including:
    • Firewalls
    • IDS/IPS systems
    • EDR/XDR platforms
    • Cloud security tools
    • Enterprise applications
  • Perform onboarding and normalization of machine data.
  • Implement:
    • CIM compliance
    • Parsing and field extraction
    • Data normalization
    • Data quality improvements
User and Entity Behavior Analytics (UEBA)
  • Implement UEBA solutions for behavioral analytics.
  • Develop anomaly detection use cases for insider threat monitoring and suspicious activity identification.
  • Support proactive monitoring and risk identification initiatives.
Required Qualifications
  • Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or related field.
  • 12+ years of IT experience with emphasis on:
    • Cybersecurity
    • SIEM Engineering
    • Splunk Administration
    • Enterprise Monitoring Solutions
  • 8+ years of hands-on experience with:
    • Splunk Enterprise
    • Splunk Cloud
    • Splunk Enterprise Security (ES)
    • Splunk ITSI
    • Splunk SOAR
    • Splunk UBA
  • Strong experience in SIEM architecture and security monitoring.
  • Extensive experience developing advanced SPL queries and dashboards.
  • Strong understanding of MITRE ATT&CK framework and Detection Engineering practices.
  • Hands-on expertise in Threat Hunting and Incident Response.
  • Experience integrating enterprise security technologies and APIs.
  • Strong Python scripting and REST API integration experience.
Preferred Qualifications
  • Splunk Certified Architect
  • Splunk Enterprise Security Certified Admin
  • CISSP
  • GIAC certifications (GCIA, GCIH, GCFA)
  • Cloud security certifications (AWS, Azure, GCP)
Technical Skills
SIEM & Monitoring:
Splunk Enterprise, Splunk Cloud, ES, ITSI, SOAR, UBA, SIEM Engineering
Security Operations:
SOC Operations, Incident Response, Detection Engineering, Threat Hunting, MITRE ATT&CK, IOC Analysis, RBA
Programming & Automation:
Python, REST APIs, SOAR Automation
Security Technologies:
EDR/XDR, IDS/IPS, Firewalls, UEBA, Cloud Security Platforms
Cloud & Infrastructure:
AWS, Azure, GCP, Hybrid Cloud Architectures
Soft Skills
  • Strong analytical and troubleshooting skills
  • Excellent communication and stakeholder management
  • Ability to lead technical initiatives and mentor team members
  • Strong problem-solving and decision-making capabilities

Employment Type: Full-time

About IntraEdge

Sourced by ZipRecruiter

At heart, we are a technology, products and services organization. In our soul, it’s the people who make us what we are — the professionals we train and connect to next-level opportunities and the experts who create innovative solutions and value for our national and international partners. It’s true that innovative technology can provide a major boost to your business, but you also need the right talent pushing it forward. This critical combination is what we offer all of our partners: cutting-edge tech solutions and the expertise to bring them to life.

Industry: IT services

Company size: 1,001 - 5,000 Employees

Headquarters location: Chandler, AZ, US

Year founded: 2002