Splunk Administrator

  • Odenton, MD
  • Posted 2 days ago | Updated 5 hours ago

Overview

On Site
USD 140,000.00 - 160,000.00 per year
Full Time

Skills

Telecommuting
Evaluation
Event Management
DMA
Systems Analysis
Testing
Security Clearance
Technical Support
Technical Drafting
Servers
Engineering Support
STIG
DoD
IAVA
Auditing
Change Management
Visualization
Dashboard
Incident Management
Management
Orchestration
Perl
Shell
Windows PowerShell
SQL
D3.js
HTML
XML
Cascading Style Sheets
Bash
Java
Python
Scripting
Analytical Skill
Problem Solving
Conflict Resolution
Documentation
Network
SIEM
Artificial Intelligence
Machine Learning (ML)
FISMA
Risk Management Framework
NIST SP 800 Series
Information Security
Continuous Monitoring
Information Systems
Security+
Robotic Process Automation
Splunk
Cyber Security
Market Analysis
Law

Job Details

Leidos is seeking a Splunk Administrator to join our Defense Enclave Services Cybersecurity team, at the customer site at Fort Meade, MD. This position will support ~50% hybrid work (on average 2 days/week onsite required but may vary depending on customer needs) and must be local to the Ft. Meade area.

TLDR:
  • Must have hands-on experience using and administering SPLUNK
  • Must have Secret Clearance or higher
  • Must have current Security+ certification (or equivalent/higher)
  • 50% telework allowed (subject to change based on customer requirements)
  • Pay is $140-$160K based on qualifications and technical evaluation

Job Description:
Leidos has an exciting opportunity for a Splunk Administrator providing administration support in both classified and unclassified environments, including operation and maintenance of the log aggregation and Security Information and Event Management (SIEM) platform for DMA and/or other organizations supported under the DES contract. The Splunk Administrator will perform systems analysis, modify and update systems and related data ingestion parameters based on results of analysis, deploy applications and tools, perform testing of deployed applications and tools, and communicate updates as required.

Clearance Requirement:
Currently possess a DoD Secret security clearance. (ship required); with the ability to obtain and maintain a TS/SCI.

Key Responsibilities:
  • Establish and maintain configuration and technical support to a unique community of users, assist in the technical design process, and provide guidance/direction to customer on how to best get value from Splunk products.
  • Maintain, upgrade and troubleshoot SPLUNK servers, clusters and management systems.
  • Install, upgrade and maintain required SPLUNK applications and add-ons.
  • Provide performance and license tuning for systems and troubleshoot SPLUNK components across multiple network environments.
  • Provide solution engineering support to ensure systems and components meet current and future standards.
  • Develop, create, deploy, and manage custom SPLUNK monitors, alerts and dashboards.
  • Monitor SPLUNK for cluster status, health status, and other issues, and resolve as needed.
  • Follow approved DoD, STIG standards and DoD IAVA requirements.
  • Manage patching and updates of Splunk hosts and/or Splunk application software.
  • Monitor and audit configurations and participate in the Change Management process to ensure that unauthorized changes do not occur.
  • Perform data ingestion and visualization for Splunk.
  • Build and integrate contextual data into notable events.
  • Build dashboards highlighting data anomalies and key trends. Design, develop, recommend, and implement Splunk dashboards and alerts in support of the Incident Response team.
  • Develop advanced scripts for the manipulation of data to support analyst requirements.
  • Provide recommendations and implement changes to optimize Splunk in the environment.
  • Perform integration activities to connect with 3rd party software APIs.
  • Recommend innovative solutions to management and key stakeholders.
  • Manage automating Splunk deployments and orchestration.

Must have's:
  • At least three (3) years of experience implementing and administering Splunk and Splunk Enterprise Security.
  • Experience developing in either Bash, Perl, Shell, PowerShell, SQL, D3, HTML, XML, CSS, Bash, JAVA and/or Python scripts.
  • 3+ years hands-on experience implementing and administering security solutions, including developing related documentation and artifacts.
  • Analytical ability, problem-solving skills, and ability to break down complex problems into actionable steps.
  • Experience must include a wide range of work in creating diagrams and documentation with all components that comprise IT systems including network topology.
  • Excellent knowledge and experience with regard to IAM, NDR, EDR, SIEM, AI/ML, and other cybersecurity tools and related applications.
  • Understanding of federal cybersecurity guidance such as FISMA NIST SP 800-37 - Guide for Applying the Risk Management Framework to Federal Information Systems: a Security Life Cycle Approach and NIST 800-137 - Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations.
  • Must have 8570 IAT-II certification prior to start date (Security+ or higher).

Nice to have's:
  • Certified Splunk Enterprise Administrator.
  • Bachelor's degree and 8+ years of relevant experience; additional years of experience may be substituted in lieu of a degree.
  • Robotic Process Automation/Intelligent Automation experience.
  • Certified Splunk Enterprise Security Administrator.
  • Certified Splunk SOAR Automation developer.
  • Additional certifications demonstrating cybersecurity/technical mastery.

Original Posting:
May 30, 2025
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:
Pay Range $104,650.00 - $189,175.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.