Onsite
Splunk Security Engineer - SMX
Security Engineer
Lead the design, deployment, and maintenance of secure Splunk environments, optimizing data ingestion, search performance, and reporting to meet stringent Army Intelligence security and compliance standards.
About the role
Key Responsibilities
- Design, implement, and manage Splunk infrastructure across multiple security domains, ensuring high availability and scalability.
- Onboard new data sources, develop and tune search queries, and create actionable dashboards and reports for intelligence and operational teams.
- Enforce security best practices, conduct regular audits, and verify compliance with Army Intelligence standards and IC‑500‑27 requirements.
- Collaborate with cross‑functional teams to troubleshoot performance issues, optimize indexing, and implement data retention policies.
- Document configurations, procedures, and security controls, providing guidance to stakeholders and supporting continuous improvement initiatives.
Requirements
- Proven experience administering Splunk Enterprise and Splunk Enterprise Security in a high‑security environment.
- Strong knowledge of security analytics, threat detection, and compliance frameworks (e.g., NIST, DoD).
- Hands‑on scripting skills (Python, PowerShell) for automation and data manipulation.
- Excellent problem‑solving abilities and attention to detail in a regulated, mission‑critical setting.
- Effective communication skills for translating technical findings to non‑technical stakeholders.