Splunk Architect / Engineer

Key Responsibilities

- Helps with the validation security control configuration on systems, ensure all systems are configured to necessary controls, such as NIST, DFARS 252.204-7012, CMMC, and other similar requirements.

- Performs day to day analysis of security threats.

- Performs day to day remediation of security incidents.

- Provide leadership to lower-level cybersecurity and IT professionals across the enterprise.



Additional Responsibilities

- Administer the Splunk application infrastructure

- Provide support for design, architecture, development, deployment, installation, configuration, integration, operation, and maintenance of Splunk resources.

- Create standardized documentation for Splunk deployments.

- Deploy and maintain dashboards, reports, alerts, technology apps/add-ons, and Common Information Model (CIM) compliance.

- Support the expansion of the current Splunk environment to include Splunk Enterprise Security (ES) and Security Orchestration, Automation & Response (SOAR).

- Support system and data integration within the security tool ecosystem within department

- On-board additional data sources with the assistance of stakeholders across the institution.

- Tune new and existing data streams, alerts, reports, and data models.

- Identify and remediate gaps in existing Splunk security posture and deployment.

- Mentor junior analysts in Splunk use and best practices.



This is a contract to hire position paying between $60-$80/hour depending on level of education and experience. The salary range is $120-$170K



Exact compensation may vary based on several factors, including skills, experience, and education.



Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.

To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .

-9 years of related experience with a Bachelor's degree in Cybersecurity, Information Security, Systems Engineering, Cybersecurity Engineering, Cybersecurity Architect or related field.

- Experience in implementing Splunk applications, tools, and add-ons, including ES and SOAR.

- Solid technical understanding of cybersecurity concepts, standards, guidelines, and principles.

- Strong written and oral communication skills.

- One or more intermediate cybersecurity certifications such as: Certified Ethical Hacker (CEH), PenTest+, GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Enterprise Defender (GCED), GIAC Certified Forensic Analyst (GCFA), GIAC Certified Incident Handler (GCIH) or equivalent.

- One or more baseline specialized certifications such as: Splunk Cloud Certified Admin, Splunk Enterprise Certified Admin, Splunk Enterprise Certified Architect.

- Active Secret clearance.

- Master's degree in a related field and/or a minimum of 6 years of equivalent experience in Splunk/SIEM administration.

- One or more advanced cybersecurity certifications such as: Offensive Security Certified Professional (OSCP), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or equivalent.

- One or more intermediate specialized certifications such as: Splunk Enterprise Security Certified Admin, Splunk SOAR Certified Automation Developer, Splunk Certified Cybersecurity Defense Analyst.

Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.