Install, configure, and maintain Splunk Enterprise and Splunk ES in classified, air-gapped, or cross-domain environments
Manage distributed architectures (indexers, search heads, cluster masters, deployment servers, forwarders) with a focus on reliability, performance, and security
Perform upgrades, patching, app deployment, performance tuning, and capacity planning
Implement and maintain backup/restore, DR procedures, and system hardening in accordance with DoD/IC and organizational policies
Onboard logs from servers, network devices, security appliances, applications, and specialized classified systems
Develop and manage inputs, props, transforms, field extractions, and parsing to ensure high-quality, normalized data (CIM-compliant where applicable)
Develop searches, correlation logic, alerts (where appropriate), and dashboards to surface security-relevant activity, system health, and compliance status
Ensure Splunk configurations and data flows comply with classified environment requirements, including handling caveats, data segregation, and need-to-know

Requirements

Active TS/SCI with CI Poly clearance (or eligibility)
Bachelor’s degree in Computer Science, Information Security, Information Systems, or equivalent experience
8 - 10 years of experience with approximately 4-8 years of IT/cybersecurity experience, with at least 3+ years of hands-on Splunk Enterprise administration/engineering
Demonstrated experience supporting Splunk in highly regulated or secure environments (DoD, IC, federal, defense contractor, or similar)
Proficiency with SPL, including complex searches, statistical commands, sub searches, lookups, and dashboard creation
Experience onboarding and normalizing data from: Windows and Linux systems, Network infrastructure (routers, switches, firewalls, proxies), Security tools (AV/EDR, IDS/IPS, vulnerability scanners, identity systems)
Strong understanding of information security principles and controls (logging, monitoring, auditing, least privilege, configuration management)
Familiarity with NIST 800-53, RMF, JSIG, or similar frameworks applicable to classified systems

Benefits

Healthcare benefits
Paid leave
Retirement plans
Insurance programs
Education and training assistance

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

Splunk EnterpriseSPLdata normalizationperformance tuningcapacity planningbackup/restore proceduressystem hardeningdata flowscorrelation logicdashboard creation

Soft Skills

reliabilityperformancesecuritycomplianceproblem-solvingattention to detailcommunicationteam collaborationorganizational skillsadaptability

Certifications

Active TS/SCI with CI Poly clearanceBachelor’s degree in Computer ScienceBachelor’s degree in Information SecurityBachelor’s degree in Information Systems