Splunk Dashboard Engineer

RESPONSIBILITIES:
Kforce has a client that is seeking a Splunk Dashboard Engineer in Morrisville, NC.

Overview:
We are seeking a Splunk Detection & Incident Response Dashboard Engineer to support our Incident, Detection, and Response (IDR) team within the broader Cybersecurity organization. This role is responsible for designing, building, and maintaining Splunk dashboards, reports, and visualizations that enable real time threat detection, incident investigation, and operational awareness across the Security Operations Center (SOC).

The ideal candidate specializes in translating security telemetry-logs, alerts, notable events, and metrics-into actionable dashboards that help analysts detect threats faster, investigate incidents efficiently, and measure the effectiveness of detection and response workflows. This role directly supports SOC operations, leadership visibility, and continuous improvement of security outcomes through data driven insights.

Key Responsibilities:
* Design and maintain Splunk dashboards that support incident detection, investigation, and response workflows within the SOC

Develop dashboards and visualizations for security metrics such as:
* Incident volume and severity
* Mean Time to Detect (MTTD) and Mean Time to Respond/Resolve (MTTR)
* Alert fidelity and false positive trends

* Build and optimize Splunk searches, reports, and dashboard panels that surface suspicious activity, detections, and notable events
* Partner closely with Detection Engineers, Incident Responders, and SOC Analysts to understand use cases, threats, and investigative requirements
* Ensure dashboards align with SOC workflows, enabling analysts to quickly pivot from visualization to investigation
* Improve dashboard performance and usability by refining searches and data models used for security analytics
* Support executive and leadership reporting by delivering high level SOC visibility dashboards that summarize security posture and operational performance

REQUIREMENTS:
* Hands on experience building dashboards and reports in Splunk, ideally in a SOC or cybersecurity context
* Strong understanding of how Splunk is used for security analytics, threat detection, and incident response
* Experience working with security related data sources such as authentication logs, endpoint telemetry, network logs, or application security logs
* Ability to transform unstructured security data into clear, actionable visual insights
* Experience collaborating with incident responders, detection engineers, or SOC analysts
* Strong analytical mindset with attention to detail and operational accuracy

Preferred Qualifications:
* Experience supporting or working within an Incident Response, Detection Engineering, or SOC team
* Familiarity with Splunk Enterprise Security concepts such as notable events, correlation searches, and SOC KPIs
* Experience building dashboards used for SOC performance measurement or leadership reporting
* Understanding of common cyber threat types and investigative workflows

What Success Looks Like in This Role:
* SOC analysts rely on dashboards for real time visibility into threats and incidents
* Detection and response teams can quickly identify trends, bottlenecks, and improvement areas
* Leadership has clear, accurate insight into SOC effectiveness and security posture
* Dashboards directly contribute to faster detection, investigation, and response outcomes

The pay range is the lowest to highest compensation we reasonably in good faith believe we would pay at posting for this role. We may ultimately pay more or less than this range. Employee pay is based on factors like relevant education, qualifications, certifications, experience, skills, seniority, location, performance, union contract and business needs. This range may be modified in the future.

We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.

Note: Pay is not considered compensation until it is earned, vested and determinable. The amount and availability of any compensation remains in Kforce's sole discretion unless and until paid and may be modified in its discretion consistent with the law.

This job is not eligible for bonuses, incentives or commissions.

Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

By clicking ?Apply Today? you agree to receive calls, AI-generated calls, text messages or emails from Kforce and its affiliates, and service providers. Note that if you choose to communicate with Kforce via text messaging the frequency may vary, and message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You will always have the right to cease communicating via text by using key words such as STOP.