Job Details
Senior Splunk Engineer (UBA & SOAR Focus)
Cybersecurity Operations
Miami, FL - Full-Time Onsite (100% In-Office)
This position requires full-time onsite presence in Miami, FL for the duration of the project. No remote or hybrid options available.
Role Type
Full-time Contract Position - IMMEDIATE START - Approximately 12 weeks duration
About Our Client
Our client is a federal contractor supporting critical national security operations. They provide advanced technology solutions and cybersecurity services to government agencies, ensuring the protection of sensitive data and infrastructure. With decades of experience in the defense and intelligence sectors, they maintain the highest standards of security, compliance, and operational excellence while supporting missions that protect national interests.
Job Description
URGENT NEED - IMMEDIATE START AVAILABLE
We're seeking an expert Senior Splunk Engineer with deep specialization in User Behavior Analytics (UBA) and Security Orchestration, Automation and Response (SOAR) for an immediate, high-priority federal project in Miami. This is a short-term, intensive engagement with approximately 12 weeks remaining to complete critical scope.
This is a hands-on technical role requiring someone who can hit the ground running with minimal ramp-up time. You'll be working onsite full-time in Miami, focusing on advanced Splunk implementations including UBA operations, SOAR playbook development, data optimization, and performance troubleshooting. The fast-paced nature of this project requires someone with proven experience who can work independently and deliver results quickly.
Your day-to-day will involve normalizing onboarded data to the Common Information Model (CIM) so that Enterprise Security (ES) data models and correlation searches can consume it, resolving indexing and latency issues, onboarding data from Kafka and other pipelines, optimizing data transport, and developing SOAR playbooks and integrations. This position requires an active Top Secret (TS) security clearance and the ability to work full-time onsite at a secure facility in Miami.
The ideal candidate has extensive hands-on Splunk experience with particular expertise in UBA and SOAR platforms, thrives under pressure, and can deliver high-quality technical solutions within compressed timeframes. You must be comfortable working in secure government environments and possess the security clearance required for immediate access.
You'll work directly with the cybersecurity operations team and report to the Security Engineering leadership while supporting critical national security missions.
Duties and Responsibilities
- Implement and optimize Splunk User Behavior Analytics (UBA) operations including data onboarding and tuning.
- Develop, configure, and maintain SOAR playbooks and integrations for automated security response workflows.
- Normalize onboarded data to the Common Information Model (CIM) so that Splunk Enterprise Security (ES) data models and correlation searches can consume it.
- Optimize data ingestion and indexing performance to ensure system efficiency and scalability.
- Troubleshoot and resolve latency issues and indexing contention across Splunk infrastructure.
- Onboard data from Kafka and other data pipelines ensuring proper formatting and integration.
- Conduct data quality remediation to ensure accuracy, completeness, and reliability of security data.
- Optimize data transport mechanisms to improve performance and reduce resource utilization.
- Configure and tune UBA threat detection models and anomaly detection algorithms.
- Integrate SOAR platform with security tools, ticketing systems, and other enterprise applications.
- Document configurations, playbooks, and operational procedures for knowledge transfer.
- Collaborate with security analysts and operations teams to refine automation and detection capabilities.
Required Experience/Skills
- 5+ years of hands-on Splunk Enterprise experience with deep technical expertise across the platform.
- Expert-level experience with Splunk User Behavior Analytics (UBA) - this is critical and non-negotiable.
- Expert-level experience with Splunk SOAR (formerly Phantom) including playbook development and app/asset integrations - this is critical and non-negotiable.
- Advanced proficiency in normalizing data to the Splunk Common Information Model (CIM) for use by Enterprise Security (ES) data models and correlation searches.
- Proven experience optimizing Splunk data ingestion, indexing, and storage for performance and cost efficiency.
- Strong troubleshooting skills for resolving latency issues, indexing contention, and performance bottlenecks.
- Hands-on experience onboarding data from Kafka, syslog, APIs, and other data pipeline technologies.
- Experience with data quality remediation and ensuring data integrity across security platforms.
- Knowledge of data transport optimization techniques including compression, routing, and load balancing.
- Strong understanding of cybersecurity operations, threat detection, and incident response workflows.
- Experience developing automated response playbooks and integrating SOAR with security tools (SIEM, EDR, firewalls, etc.).
- Active Top Secret (TS) security clearance - required for immediate start.
- Ability to work full-time onsite in Miami, FL for the duration of the 12-week project.
- Self-motivated with ability to work independently and deliver results under tight deadlines.
- Excellent problem-solving skills with ability to quickly diagnose and resolve complex technical issues.
Nice-to-Haves
- Experience with Splunk Cloud Platform or hybrid cloud/on-premises deployments.
- Familiarity with other SOAR platforms (Palo Alto Networks Cortex XSOAR, IBM Security QRadar SOAR (formerly Resilient), Swimlane).
- Knowledge of Python, SPL (Search Processing Language), and scripting for automation.
- Experience with threat intelligence platforms and integration with Splunk.
- Background working on federal contracts or in secure government environments.
- Splunk certifications (Splunk Enterprise Certified Admin, Splunk Enterprise Security Certified Admin, Splunk SOAR Certified Automation Developer).
- Experience with container technologies and microservices architectures.
- Understanding of federal compliance frameworks (NIST SP 800-53 and the Risk Management Framework, FedRAMP, FISMA).
Education
Bachelor's degree in Computer Science, Information Security, Information Technology, or related technical field preferred. Equivalent hands-on technical experience in cybersecurity and Splunk engineering will be considered.
Pay & Benefits Summary
- All-inclusive rate: $125/hour (includes all expenses - travel, lodging, per diem, etc.)
- Immediate start available - can begin as soon as clearance verification and onboarding complete.
- 12-week contract duration with potential for extension based on project needs.
- Full-time onsite work in Miami, FL providing immersive project focus.
- Opportunity to work on high-impact national security projects supporting critical missions.
- Gain experience with advanced Splunk implementations in secure federal environments.
- Work with cutting-edge cybersecurity technologies and methodologies.
- Fast-paced, technically challenging environment with immediate impact on project outcomes.
Call-to-Action
Have TS Clearance and expert Splunk UBA/SOAR skills? Start immediately! Apply now for this urgent Miami opportunity!
Keywords: Senior Splunk Engineer | Splunk UBA | Splunk SOAR | Splunk Phantom | Security Automation | SOAR Playbooks | Data Normalization | CIM | Enterprise Security | Top Secret Clearance | TS Clearance | Miami Jobs | Federal Contractor | Cybersecurity | Kafka | Data Pipeline | Immediate Start