Job Details
Role: Information Security Engineer T3 - Splunk Content Developer
Duration: 07/21/2025 to 07/20/2026
Location: Herndon, VA (Remote)
Description:
Candidates can be remote, but those within 30 miles of the Herndon office will be required to be in the office 3 days a week (could increase based on business needs).
*Possible Convert to hire*
Content Development & Optimization
Build, maintain, and optimize Splunk dashboards, alerts, and reports that give teams real-time, actionable visibility.
Create, modify, and troubleshoot complex multi-layer searches and dashboards using advanced SPL commands, macros, and search chaining.
Continuously evaluate and improve existing content for clarity, performance, and value.
Write efficient searches and troubleshoot poorly written or misconfigured queries.
Analyze complex data sets and convert them into actionable insights.
Data Integration & Ingestion
Develop and manage data models that support scalable, high-performance content.
Design and implement ingestion solutions via APIs, scripted inputs, and Universal Forwarders.
Monitor log ingestion rates and ensure data consistency and reliability.
Ensure logs are compliant with the Common Information Model.
Collaboration & Enablement
Partner with cross-functional teams to gather content requirements and translate them into impactful Splunk solutions.
Create clear documentation and training materials for end-users.
Conduct training sessions to help technical and non-technical stakeholders become confident Splunk users.
Tooling & Best Practices
Manage Splunk Knowledge Objects with a focus on organization and efficiency.
Integrate security and performance best practices into all aspects of Splunk content.
Administer and support Splunk Premium Apps, especially **Enterprise Security (ES)**.
Stay current with IT ecosystem integrations and opportunities to extend Splunk's capabilities.
What You Bring
Experience working in a collaborative team environment.
Bachelor's degree in Computer Science, Information Technology, or a related field (or equivalent experience).
3+ years of experience developing Splunk content in a professional environment.
Experience writing and optimizing SPL queries and visualizing complex data.
Strong problem-solving skills to troubleshoot issues with dashboards, alerts, and reports.
Familiarity with scripting languages like Bash, Python, or PowerShell to support Splunk functions.
Strong understanding of log data formats and structures including JSON, XML, Syslog, and CSV.
Linux administration related to Splunk.
Familiarity with integrating Splunk with other tools and platforms within the IT ecosystem.
Understanding of networking and systems concepts and security fundamentals.
Strong problem-solving and analytical skills with the ability to think strategically.
Excellent verbal and written communication skills to support a diverse set of stakeholders.
Ability to manage multiple tasks and projects simultaneously, ensuring timely delivery of Splunk solutions.
Familiarity with Security Operations Centers.
Bonus Points For
Splunk certifications (Certified Developer, Advanced Power User, ES Admin, etc.).
Experience with Splunk Enterprise Security (ES).
REST API integration experience within Splunk.
Data Science or AI/ML experience.
Familiarity with Agile methods and project management tools.
Prior experience supporting DoD or FedRAMP environments.
Demonstrated ability to lead end-user training and promote user adoption.
A passion for customer support and empowering others through data.
Strong customer service orientation to support end-users in their use of Splunk.