Install, configure, and maintain Splunk Enterprise and Splunk ES in classified, air-gapped, or cross-domain environments
Manage distributed architectures (indexers, search heads, cluster masters, deployment servers, forwarders) with a focus on reliability, performance, and security
Perform upgrades, patching, app deployment, performance tuning, and capacity planning
Implement and maintain backup/restore, DR procedures, and system hardening in accordance with DoD/IC and organizational policies
Onboard logs from servers, network devices, security appliances, applications, and specialized classified systems
Develop and manage inputs, props, transforms, field extractions, and parsing to ensure high-quality, normalized data (CIM-compliant where applicable)
Develop searches, correlation logic, alerts (where appropriate), and dashboards to surface security-relevant activity, system health, and compliance status
Ensure Splunk configurations and data flows comply with classified environment requirements, including handling caveats, data segregation, and need-to-know
Requirements
Active TS/SCI with CI Poly clearance (or eligibility)
Bachelor’s degree in Computer Science, Information Security, Information Systems, or equivalent experience
8-10 years of experience, with approximately 4-8 years of IT/cybersecurity experience and at least 3 years of hands-on Splunk Enterprise administration/engineering
Demonstrated experience supporting Splunk in highly regulated or secure environments (DoD, IC, federal, defense contractor, or similar)
Proficiency with SPL, including complex searches, statistical commands, subsearches, lookups, and dashboard creation
Experience onboarding and normalizing data from Windows and Linux systems, network infrastructure (routers, switches, firewalls, proxies), and security tools (AV/EDR, IDS/IPS, vulnerability scanners, identity systems)
Strong understanding of information security principles and controls (logging, monitoring, auditing, least privilege, configuration management)
Familiarity with NIST 800-53, RMF, JSIG, or similar frameworks applicable to classified systems