
Lead Splunk Architect
Agile Defense
full-time
Location Type: Hybrid
Location: Reston • Virginia • United States
About the role
- Support enterprise cybersecurity programs delivering 24/7/365 Cyber Security Operations Center (CSOC) services for U.S. Government (USG) customers
- Provide expert technical leadership for enterprise-scale logging, monitoring, SIEM engineering, and custom log integration
- Ensure the reliability, performance, and modernization of the enterprise logging ecosystems across on-premises, cloud, and hybrid environments
- Lead the design, engineering, configuration, and optimization of enterprise logging platforms supporting CSOC operations
- Act as the primary technical authority for SIEM architecture, log ingestion pipelines, parsing, normalization, enrichment, and storage strategies
- Manage onboarding of new data sources across applications, endpoints, networks, cloud environments, and identity systems
- Ensure log health monitoring, cluster health, pipeline resiliency, and integrity validation for continuous reliability
- Enable dashboard creation, correlation rules, and alerting by guaranteeing high-quality, normalized data
- Maintain compliance with logging standards, federal mandates, and Zero Trust visibility requirements
- Drive modernization initiatives, including automation, cloud logging integrations, and data optimization
- Produce technical documentation, including architecture diagrams, data dictionaries, and detailed reports
- Support vulnerability assessments, compliance audits, and cross-team engineering reviews
Requirements
- Active Certified Splunk Architect (II)
- Bachelor's degree in Computer Science, Engineering, Cybersecurity, STEM, or a related field
- Understanding of, and practical experience applying, project management principles
- Experience with diverse interconnected systems
- Strong understanding of industry best practices and technologies, with experience applying them in support of a large Federal Government security operations organization
- Experience in an enterprise IT environment as an applications or systems administrator working in Windows and Linux environments
- Experience with Bash, Python, and/or PowerShell scripting and automation
- Strong networking background
- Strong security background
- Experience with cloud orchestration tools and a strong understanding of Amazon Web Services cloud services
- Five years of recent experience serving as a senior Certified Splunk Administrator or Architect in a large environment
- Preferred: Splunk Certified Admin/Engineer; Splunk Core Certified Consultant; active Certified Information Systems Security Professional (CISSP); cloud provider certifications (AWS Certified Solutions Architect, Azure Solutions Architect Expert, etc.); experience using Cribl
Benefits
- Competitive and comprehensive benefits package
Applicant Tracking System Keywords
Hard Skills & Tools
SIEM engineering, log ingestion, data normalization, bash scripting, python scripting, PowerShell scripting, cloud logging integrations, data optimization, vulnerability assessments, compliance audits
Soft Skills
technical leadership, project management, interpersonal communication, team collaboration, problem-solving, documentation skills, analytical thinking, attention to detail, adaptability, initiative
Certifications
Certified Splunk Architect (II), Splunk Certified Admin, Splunk Engineer, Splunk Core Certified Consultant, Certified Information Systems Security Professional (CISSP), AWS Certified Solutions Architect, Azure Solutions Architect Expert