Dragonfli Group

Senior Splunk Cybersecurity Engineer – Architect/SME

full-time

Origin: 🇺🇸 United States

Job Level

Senior

Tech Stack

AWS, Azure, Cloud, Cyber Security, Google Cloud Platform, JavaScript, Linux, Python, Splunk, SQL, Unix

About the role

  • Dragonfli Group is a cybersecurity and IT consulting firm headquartered in Washington, DC, serving federal and commercial clients nationwide.
  • Lead the design, deployment, automation, and maintenance of Splunk in a complex hybrid infrastructure for a large federal agency.
  • Provide operational support, Splunk integrations, security alignment, and real-time data analytics across on-premises and cloud environments.
  • Collaborate with cross-functional stakeholders from DevOps, Security, and IT Operations to ensure robust monitoring, system availability, and performance tuning at scale.
  • Mentor junior engineers and support technical escalation.
  • Align Splunk capabilities with cybersecurity policies and compliance (FISMA, FedRAMP, NIST).
  • Remote role (U.S. only) with potential occasional off-hours or weekend support.
  • U.S. Citizenship or Permanent Residency is required.

Requirements

  • 10+ Years of Splunk Experience Required
  • Manages knowledge objects (fields, extractions, tags, event types, lookups, workflow actions, aliases, macros, and so on) through automation, scripting, and management server functions, including .conf and .cfg files, within the scope of the last four Splunk Enterprise versions
  • Experience with Splunk deployment and configuration management in large-scale environments
  • Proficiency in writing complex Splunk queries, dashboards, and alerts using SPL (Search Processing Language)
  • Experience with REST APIs for Splunk and external system integration
  • Ability to analyze and troubleshoot complex data ingestion and parsing issues
  • Designing and developing automation workflows and a dashboard interface for them
  • Self-starter with a service-oriented mindset who will take action, find ways to solve problems, and move projects to conclusion independently
  • Strong problem-solving skills and the ability to translate research insights into practical solutions that address real-world challenges.
  • Strong communication and collaboration skills with the ability to articulate complex technical concepts to both technical and non-technical audiences.
  • Experience in mentoring and guiding junior researchers or team members
  • Ability to leverage the Splunk AI Assistant and other AI tools to increase the accuracy and efficiency of tasks and other deliverables (preferred)
  • Advanced knowledge of Unix/Linux and/or Windows systems administration and troubleshooting (preferred)
  • Strong scripting skills in Bash, Python, JavaScript, SQL and PowerShell for automation and integration tasks (preferred)
  • Experience with Splunk upgrades, patching, and performance tuning (preferred)
  • Proficiency in integrating Splunk with cloud platforms (AWS, GCP, Azure) (preferred)
  • Understanding of security and compliance requirements and implementation of role-based access controls (RBAC) in Splunk (preferred)
  • Strong knowledge of logging standards and best practices across application and infrastructure layers (preferred)
  • Extensive knowledge of defense-in-depth principles, network and security architecture, network topology, IT device integrity, and common security elements (preferred)
  • Executes new projects as well as data and user onboarding (preferred)
  • Strong understanding of IT and cyber industry standards and technologies, including controls governed by NIST, FISMA, and FedRAMP (preferred)
  • Experience installing, using, and developing with the Splunk App for Data Science and Deep Learning (preferred)
  • Experience installing, using, and developing with the Splunk SOAR Automation toolset (preferred)
  • Experience or background in the Cybersecurity, Systems/Network Administration or Observability industry (preferred)