Senior Splunk Cybersecurity Engineer - Architect SME

Dragonfli Group is a cybersecurity and IT consulting firm headquartered in Washington, DC, serving federal and commercial clients nationwide. We deliver mission-driven consulting services across security engineering, cloud infrastructure, data science, and digital modernization.

We are seeking a highly skilled Splunk Cybersecurity Architect / Engineer SME to support a large federal agency. In this senior-level role, you will lead the design, deployment, automation, and maintenance of Splunk in a complex hybrid infrastructure. This includes operational support, Splunk integrations, security alignment, and real-time data analytics across on-premises and cloud environments.

You’ll collaborate with cross-functional stakeholders from DevOps, Security, and IT Operations to ensure robust monitoring, system availability, and performance tuning at scale.

This is a remote role (U.S. only) with potential occasional off-hours or weekend support. U.S. Citizenship or Permanent Residency is required.



Responsibilities

• Design and maintain enterprise-wide Splunk environments across hybrid infrastructure
• Develop complex dashboards, alerts, and searches using SPL
• Automate configuration, ingestion pipelines, and system performance tuning
• Integrate Splunk with cloud platforms (AWS, GCP, Azure) and external systems via APIs
• Troubleshoot ingest, parsing, and data integrity issues
• Guide data onboarding and architecture across large-scale projects
• Mentor junior engineers and support technical escalation
• Align Splunk capabilities with cybersecurity policies and compliance (FISMA, FedRAMP, NIST)

Must-Have:

• 10+ Years of Splunk Experience Required
• Manages knowledge objects (fields, extractions, tags, event types, lookups, workflow actions, aliases, macros, and so on) – through automations, scripting, management server functions; to include .conf and .cfg files in scope of the last four Splunk Enterprise versions
• Experience with Splunk deployment and configuration management in large-scale environments
• Proficiency in writing complex Splunk queries, dashboards, and alerts using SPL (Search Processing Language)
• Experience with REST APIs for Splunk and external system integration
• Ability to analyze and troubleshoot complex data ingestion and parsing issues
• Designing and developing an automations workflow and dashboard interface for such
• Self-starter with a service-oriented mindset who will take action, find ways to solve problems, and move projects to conclusion independently
• Strong problem-solving skills and the ability to translate research insights into practical solutions that address real-world challenges.
• Strong communication and collaboration skills with the ability to articulate complex technical concepts to both technical and non-technical audiences.
• Experience in mentoring and guiding junior researchers or team members

Preferred:

• Ability to leverage the Splunk AI Assistant and other AI tools to increase accuracy and efficiency of task and other deliverables
• Advanced knowledge of Unix/Linux and/or Windows systems administration and troubleshooting
• Strong scripting skills in Bash, Python, JavaScript, SQL and PowerShell for automation and integration tasks
• Experience with Splunk upgrades, patching, and performance tuning
• Proficiency in integrating Splunk with cloud platforms (AWS, GCP, Azure)
• Understanding of security and compliance requirements and implementation of role-based access controls (RBAC) in Splunk
• Strong knowledge of logging standards and best practices across application and infrastructure layers
• Extensive knowledge of defense-in-depth principles, Network and Security architecture, network topology, IT device integrity, and common security elements.
• Executes new projects as well as data and user onboarding
• Strong understanding of IT and Cyber industry standards and technologies to include such controls governed by NIST, FISMA, and FedRamp
• Experience installing and utilizing and developing with the Splunk App for Data Science and Deep Learning.
• Experience installing and utilizing and developing with the Splunk SOAR Automation toolset
• Experience or background in the Cybersecurity, Systems/Network Administration or Observability industry

• Splunk architecture and engineering (10+ years)
• System automation and scripting
• Cloud and on-prem systems integration
• Troubleshooting, dashboarding, and query optimization
• Strong interpersonal and communication skills

• Insurance - health, dental, vision
• PTO & 11 Federal Holidays
• 401(k), employer match