What are the responsibilities and job description for the Splunk Engineer position at Fusion HCR?
Job Title: Splunk Engineer / Administrator / Developer (Government Client)
Overview:
Government Client is seeking a Splunk Engineer/Administrator/Developer with a focus on SIEM operations and executive dashboarding. This is an onsite role requiring an active TS/SCI clearance. The ideal candidate will design and maintain dashboards, alerts, and correlation searches to support security monitoring, network operations, and executive reporting.
Key Responsibilities:
- Administer and manage Splunk as a SIEM platform.
- Develop dashboards and visualizations for executives, NOSC, SOC, and system administrators.
- Parse and index network logs, alerts, and event data for advanced correlation searches.
- Build and maintain data models to support real-time security monitoring and reporting.
- Collaborate with technical and business teams to translate network/security data into actionable insights.
Qualifications:
- Active TS/SCI clearance (required).
- Hands-on experience with Splunk SIEM use cases, dashboard development, and alerting.
- Expertise in parsing/indexing logs, building correlation searches, and creating data models.
- Certifications such as Splunk Core Certified Power/Advanced Power User, Splunk Enterprise Certified Admin, Splunk ES Certified Admin, or Splunk ITSI Certified Admin.
Preferred Background:
- Previous roles such as Splunk Developer, Splunk Consultant, SIEM Engineer, SOC Analyst (Splunk-focused), or Monitoring/Data Visualization Engineer.