What are the responsibilities and job description for the Lead Splunk Engineer Architect position at HRUCKUS?
Veteran-Owned Firm Seeking a Lead Splunk Engineer Architect with TS/SCI for a role in Annapolis Junction, MD
My name is Stephen Hrutka. I lead a Veteran-Owned management consulting firm in Washington, DC. We specialize in Technical and Cleared Recruiting for the Department of Defense (DoD), the Intelligence Community (IC), and other advanced defense agencies.
At HRUCKUS, we support fellow Veteran-Owned businesses by helping them recruit for positions across organizations such as the VA, SBA, HHS, DARPA, and other leading-edge R&D-focused defense agencies.
We seek to fill a Lead Splunk Engineer Architect position in Annapolis Junction, MD.
The ideal candidate must hold an active TS/SCI clearance and meet one of the following experience requirements: a minimum of 8 years of professional experience with a BS/BA, 6 years with an MS/MA, or 3 years with a PhD. The candidate must also have proven expertise as a Splunk Architect, Administrator, or SME in large-scale environments, as well as a current DoD 8570.1-M/8140 IAT or IAM Level III certification (e.g., CASP, CISSP, CCSP).
If you’re interested, I'll gladly provide more details about the role and discuss your qualifications further.
Thanks,
Stephen M Hrutka
Principal Consultant
HRUCKUS LLC
Executive Summary: HRUCKUS seeks a Lead Splunk Engineer Architect for a role supporting the Department of the Navy in Annapolis Junction, MD.
Position Description: As the Lead Splunk Engineer Architect, you will be responsible for end-to-end architecture, engineering, and administration of Splunk systems within a secure DoD environment. This includes ingesting and normalizing diverse data sources, developing advanced SPL queries and dashboards, integrating with SOAR platforms, and providing architectural guidance to ensure scalability, resiliency, and security compliance. You will collaborate closely with cybersecurity, infrastructure, and application teams to deliver actionable intelligence and continuous monitoring capabilities.
Position Job Duties:
- Architect, deploy, and maintain enterprise Splunk environments, including multi-site and clustered deployments.
- Configure and manage Splunk forwarders, HTTP Event Collector (HEC), scripted inputs, and ingestion pipelines.
- Develop and optimize complex SPL queries, dashboards, reports, and alerting mechanisms.
- Integrate Splunk with security tools, SOAR platforms, and data sources including firewalls, IDS/IPS, endpoint protection, and vulnerability management systems.
- Utilize Splunk Enterprise Security (ES) and Qmulos for advanced threat detection and correlation.
- Provide technical leadership in scaling Splunk infrastructure to support large data volumes and high availability.
- Perform system health checks, troubleshooting, and performance tuning of Splunk components.
- Ensure compliance with DoD security standards, RMF requirements, and applicable STIGs.
- Mentor junior Splunk engineers and collaborate with cross-functional teams to meet mission requirements.
Position Qualifications:
- TS/SCI level clearance is required.
- Minimum of 8 years with BS/BA; 6 years with MS/MA; or 3 years with PhD.
- Proven experience as a Splunk Architect, Administrator, or SME in large-scale environments.
- Strong understanding of Splunk architecture, components, and deployment best practices.
- Proficiency in Splunk Search Processing Language (SPL) for creating complex searches and reports.
- Experience with data ingestion methods, including forwarders, HEC, and scripted inputs.
- Familiarity with Splunk Enterprise Security (ES), Qmulos, and Splunk SOAR platforms.
- Solid understanding of IT infrastructure (networking, operating systems, and security principles).
- Excellent problem-solving, communication, and collaboration skills.
Certification Requirement:
- Must possess a current DoD 8570.1-M/8140 IAT or IAM Level III certification (e.g., CASP, CISSP, CCSP).
Desired:
- Splunk Architect is desired.
- Splunk Certified Administrator certification desired.
Details:
- Job Title: Systems Engineer
- 3 Site Locations:
  - Annapolis Junction, MD (Primary)
  - JBAB (Depends on Responsibilities)
  - Landover, MD (Future)
- Security Clearance Requirement: TS/SCI
- Assignment Type: Full-time
- Salary: Dependent on the candidate's experience, with a target range of up to $200,000
Salary: $167,000 - $200,000