Splunk

60 Splunk Security Architect Jobs Hiring Near You

... security, compliance, and business operations. This role requires both technical expertise and ... Lead the strategy, architecture, deployment, and management of the Splunk Enterprise platform.

Security Architect

San Jose, CA · Hybrid

$115.86/hr

... architect who oversees a portfolio of backend security software applications in the cloud ... to integrate with Splunk platforms, foster cross-functional relationships, and excel in ...

Develop security focused content for complex client Splunk deployments and focus on the creation of ... Splunk Architect certification (Preferred) Additional Qualifications: * 1+ years of experience in ...

Title: Technology Architect Location: Toronto, ON Duration: 24 Months Description Primary ... In this role the Senior Splunk Security Specialist will: * Provide engineering and operational ...

Ensure Splunk architecture supports SOC operations, security monitoring, incident response, compliance reporting, data retention, scalability, resilience, and performance requirements. * Assess ...

Splunk Architect Location: Onsite - New Jersey (NJ), Tampa (FL), Tempe (AZ) Experience Required ... Ensure compliance with security regulations and frameworks (MITRE Attack Framework, CIS). * Operate ...

Splunk Architect Location: Doral, FL Onsite Description: * Ability to fulfill Splunk admin role as ... Security background * Understanding of cloud computing concepts * Understanding of observability ...

The Senior Security Architect is responsible for designing, implementing, and maintaining ... Hands-on experience with SIEM, SOAR, and EDR platforms (Splunk, Cortex XSOAR, CrowdStrike)

Splunk Jobs Information

What is it like to work at Splunk?

Splunk is a technology company that values innovation, collaboration, and customer satisfaction, fostering a dynamic and fast-paced work environment. The company's structure is organized into various teams, including product development, sales, and customer support, with a focus on delivering cutting-edge solutions for data analytics and monitoring. Working at Splunk may appeal to candidates who are passionate about data-driven insights, enjoy working with a global team, and are motivated by the opportunity to contribute to the company's mission of making machine-generated data accessible and usable for everyone.
Splunk Security Engineer with Security Clearance

Quantum Science Solutions

Reston, VA • On-site

Other

Posted 3 days ago


Job description

Job Title: Splunk Security Engineer
Location: Reston, VA
Clearance: Active TS/SCI with Polygraph Required
Company: Quantum Science Solutions (QSS)
Compensation: Open Rate

Position Overview

Quantum Science Solutions (QSS) supports mission-critical cybersecurity operations for customers within the IC. We are seeking an experienced Splunk Security Engineer to design, implement, and optimize enterprise-scale Splunk environments supporting classified cyber defense operations. The Splunk Security Engineer will serve as a technical leader responsible for engineering and maintaining Splunk Enterprise and Splunk Enterprise Security (ES) environments, integrating enterprise log sources, enhancing threat detection capabilities, and supporting Security Operations Center (SOC) missions.

This individual will work closely with cybersecurity engineers, system administrators, cloud engineers, and mission stakeholders to improve security visibility, automate operational processes, and ensure compliance with federal cybersecurity standards across highly secure government environments.

Key Responsibilities

• Design, deploy, administer, and optimize enterprise-scale distributed Splunk Enterprise and Splunk Enterprise Security (ES) environments.
• Integrate enterprise log sources including operating systems, network devices, cloud platforms, applications, databases, and security tools using Universal Forwarders, APIs, and Syslog.
• Develop custom dashboards, reports, visualizations, alerts, and correlation searches supporting threat hunting, incident response, governance, and executive reporting.
• Configure and maintain Splunk Common Information Model (CIM), field extractions, event types, tags, macros, and knowledge objects to improve data normalization and search accuracy.
• Optimize search performance, indexing, storage utilization, and distributed Splunk architecture to improve operational efficiency.
• Automate Splunk engineering, deployment, administration, and onboarding activities using Python, Bash, Ansible, reusable scripts, and YAML-based configurations.
• Onboard new enterprise data sources while developing standardized ingestion and automation processes.
• Support Security Operations Center (SOC) missions through advanced log analytics, SIEM engineering, and detection content development.
• Support Incident Response (IR), digital forensics, and cyber threat detection through advanced security monitoring and log analysis.
• Assist with implementation of Zero Trust Architecture (ZTA), Continuous Monitoring (ConMon), Risk Management Framework (RMF), and ICD 503 security requirements.
• Develop and maintain cybersecurity documentation including System Security Plans (SSPs), Security Assessment Reports (SARs), Plans of Action & Milestones (POA&Ms), and other Assessment & Authorization (A&A) artifacts.
• Provide technical guidance regarding Splunk architecture, SIEM tuning, cyber policy compliance, and Authorization to Operate (ATO) sustainment.
• Produce engineering documentation, configuration guides, standard operating procedures, and change management documentation.
• Ensure compliance with NIST 800-53, CNSSI 1253, ICD 503, and DoD STIG security requirements.
• Collaborate with cross-functional engineering teams to support secure enterprise cybersecurity operations and mission objectives.

Mandatory Skills

• U.S. Citizenship
• Active TS/SCI Clearance with Polygraph
• 10+ years of cybersecurity experience supporting secure government or Intelligence Community environments
• Minimum 5 years of hands-on Splunk engineering experience supporting classified environments
• Extensive experience administering: Splunk Enterprise, Splunk Enterprise Security (ES), Distributed Splunk environments, Splunk clustering, Common Information Model (CIM)
• Experience integrating enterprise log sources across infrastructure, cloud, network, application, and security platforms.
• Strong experience developing dashboards, searches, alerts, correlation rules, and security visualizations.
• Experience optimizing Splunk search performance and indexing architecture.
• Proficiency with Linux operating systems and Linux command-line administration.
• Experience with Python and Bash scripting.
• Experience supporting Incident Response, Threat Hunting, Digital Forensics, or Security Operations Center (SOC) environments.
• Knowledge of: NIST 800-53, RMF, ICD 503, Continuous Monitoring (ConMon), Zero Trust Architecture
• Experience supporting AWS, GovCloud, C2S, VMware, or other secure cloud environments.
• Excellent written and verbal communication skills with the ability to communicate effectively with technical teams and government stakeholders.

Preferred Skills

• Splunk Certified Power User
• Splunk Certified Administrator
• Splunk Enterprise Security Certified Administrator
• Experience with infrastructure automation using Ansible, Terraform, or Jenkins.
• Experience integrating threat intelligence feeds into Splunk.
• Experience developing advanced correlation searches and detection content.
• Experience supporting DHS, ODNI, or other Intelligence Community organizations.
• Experience with DevSecOps practices and Infrastructure as Code (IaC).
• Familiarity with multi-tenant enterprise cybersecurity environments.

Education

Bachelor's degree in Computer Science, Cybersecurity, Information Technology, Information Systems, Engineering, or a related technical discipline. OR High School Diploma with equivalent directly related cybersecurity and Splunk engineering experience.

Desired Certifications

• CISSP, Security+, AWS Certification

Why QSS?

At QSS, you'll support mission-critical cybersecurity operations protecting government systems and critical infrastructure from evolving cyber threats while working alongside experienced cybersecurity professionals.