Overview
On Site
USD 120,001.00 - 160,000.00 per year
Full Time
Skills
Optimization
High Availability
Scalability
Regulatory Compliance
Management
Storage
Disaster Recovery
Onboarding
Normalization
Network
Dashboard
Advanced Analytics
Forensics
Reporting
Configuration Management
Hardening
Change Control
Documentation
IT Management
Mentorship
Collaboration
Leadership
Cyber Security
Computer Science
Information Systems
Elasticsearch
SPL
Cloud Computing
Systems Design
Performance Tuning
Capacity Management
Scripting
Windows PowerShell
Bash
Python
Microsoft Windows
Linux
Security+
CISSP
CISM
Communication
Splunk
SIEM
Microsoft Azure
DevOps
GitLab
GitHub
Version Control
Security Clearance
Information Technology
Systems Engineering
FOCUS
Job Details
Job ID: 2509748
Location: WASHINGTON, DC, US
Date Posted: 2025-09-12
Category: Cyber
Subcategory: Cybersecurity Spec
Schedule: Full-time
Shift: Day Job
Travel: No
Minimum Clearance Required: None
Clearance Level Must Be Able to Obtain: Public Trust
Potential for Remote Work: Yes
Description
SAIC is seeking a Senior Splunk Engineer / Architect to lead and support enterprise cybersecurity operations. This senior-level role is responsible for architecting, engineering, and advancing Splunk platforms within a mission-critical federal environment. The engineer/architect will shape platform strategy, ensure architectural integrity, and maintain Splunk optimization for performance, resilience, and scalability as the agency matures its cloud-based deployments.
This is an excellent opportunity for a Splunk expert who thrives in federal environments and is eager to provide both hands-on engineering and architectural leadership to a modernized SIEM platform that directly enables cybersecurity operations.
Responsibilities
Serve as the architectural lead for Splunk Enterprise and Splunk ES in a high-availability, distributed, and cloud-based environment.
Define and maintain the long-term Splunk architecture, ensuring scalability, resilience, and security to meet mission and compliance requirements.
Oversee architectural decisions related to storage, disaster recovery, and performance, including the use of features such as SmartStore and ASR/MSR.
Conduct architectural reviews, capacity planning, and performance optimization for enterprise Splunk environments.
Drive the onboarding and normalization of diverse data sources (OS, network, applications, cloud services) into Splunk, aligning with enterprise logging standards.
Architect and guide the design of dashboards, data models, and advanced analytics to support threat detection, forensics, and reporting.
Establish and enforce configuration management, security hardening, and change control processes for Splunk platforms.
Produce and maintain architecture documentation, including conceptual designs, reference architectures, and operational standards.
Provide technical leadership and mentorship to engineers, analysts, and administrators in Splunk best practices.
Evaluate emerging Splunk capabilities, cloud services, and SIEM technologies to inform future platform evolution.
Collaborate with cybersecurity leadership and stakeholders to align Splunk architecture with mission objectives and federal requirements.
Qualifications
Requirements
Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Engineering, or related technical discipline; OR 10+ years of equivalent IT experience.
7+ years of IT experience, with at least 3+ years focused on Splunk engineering and architecture.
Current Splunk Enterprise Certified Architect certification (required).
Demonstrated expertise in Splunk Enterprise and Splunk ES, including SPL and the Common Information Model.
Proven experience in architecting and maintaining Splunk in cloud environments, including familiarity with SmartStore and ASR/MSR.
Strong background in distributed systems design, performance tuning, and capacity planning.
Proficiency with scripting languages such as PowerShell, Bash, or Python.
Experience operating Splunk across Windows and Linux environments.
CompTIA Security+ or higher certification (e.g., CISSP, CISM).
Excellent communication skills with the ability to explain technical architectures to both executives and engineers.
Preferred Qualifications
Splunk Enterprise Security Certified Admin or Splunk Certified Core Consultant certification.
Experience developing enterprise logging architectures for hybrid or federal environments.
Familiarity with other SIEM platforms (e.g., ELK, Azure Sentinel).
Experience with DevOps tools such as GitLab/GitHub for version control.
Clearance Requirement
All candidates must be eligible to obtain and maintain a U.S. Public Trust clearance.
**This hybrid role requires a minimum of three on-site days per week in Washington, DC.**
Target salary range: $120,001 - $160,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
Location: WASHINGTON, DC, US
Date Posted: 2025-09-12
Category: Cyber
Subcategory: Cybersecurity Spec
Schedule: Full-time
Shift: Day Job
Travel: No
Minimum Clearance Required: None
Clearance Level Must Be Able to Obtain: Public Trust
Potential for Remote Work: Yes
Description
SAIC is seeking a Senior Splunk Engineer / Architect to lead and support enterprise cybersecurity operations. This senior-level role is responsible for architecting, engineering, and advancing Splunk platforms within a mission-critical federal environment. The engineer/architect will shape platform strategy, ensure architectural integrity, and maintain Splunk optimization for performance, resilience, and scalability as the agency matures its cloud-based deployments.
This is an excellent opportunity for a Splunk expert who thrives in federal environments and is eager to provide both hands-on engineering and architectural leadership to a modernized SIEM platform that directly enables cybersecurity operations.
Responsibilities
Serve as the architectural lead for Splunk Enterprise and Splunk ES in a high-availability, distributed, and cloud-based environment.
Define and maintain the long-term Splunk architecture, ensuring scalability, resilience, and security to meet mission and compliance requirements.
Oversee architectural decisions related to storage, disaster recovery, and performance, including the use of features such as SmartStore and ASR/MSR.
Conduct architectural reviews, capacity planning, and performance optimization for enterprise Splunk environments.
Drive the onboarding and normalization of diverse data sources (OS, network, applications, cloud services) into Splunk, aligning with enterprise logging standards.
Architect and guide the design of dashboards, data models, and advanced analytics to support threat detection, forensics, and reporting.
Establish and enforce configuration management, security hardening, and change control processes for Splunk platforms.
Produce and maintain architecture documentation, including conceptual designs, reference architectures, and operational standards.
Provide technical leadership and mentorship to engineers, analysts, and administrators in Splunk best practices.
Evaluate emerging Splunk capabilities, cloud services, and SIEM technologies to inform future platform evolution.
Collaborate with cybersecurity leadership and stakeholders to align Splunk architecture with mission objectives and federal requirements.
Qualifications
Requirements
Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Engineering, or related technical discipline; OR 10+ years of equivalent IT experience.
7+ years of IT experience, with at least 3+ years focused on Splunk engineering and architecture.
Current Splunk Enterprise Certified Architect certification (required).
Demonstrated expertise in Splunk Enterprise and Splunk ES, including SPL and the Common Information Model.
Proven experience in architecting and maintaining Splunk in cloud environments, including familiarity with SmartStore and ASR/MSR.
Strong background in distributed systems design, performance tuning, and capacity planning.
Proficiency with scripting languages such as PowerShell, Bash, or Python.
Experience operating Splunk across Windows and Linux environments.
CompTIA Security+ or higher certification (e.g., CISSP, CISM).
Excellent communication skills with the ability to explain technical architectures to both executives and engineers.
Preferred Qualifications
Splunk Enterprise Security Certified Admin or Splunk Certified Core Consultant certification.
Experience developing enterprise logging architectures for hybrid or federal environments.
Familiarity with other SIEM platforms (e.g., ELK, Azure Sentinel).
Experience with DevOps tools such as GitLab/GitHub for version control.
Clearance Requirement
All candidates must be eligible to obtain and maintain a U.S. Public Trust clearance.
**This hybrid role requires a minimum of three on-site days per week in Washington, DC.**
Target salary range: $120,001 - $160,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.