SENIOR Splunk Engineer

Overview

SAIC is seeking a Senior Splunk Engineer / Architect to lead and support enterprise cybersecurity operations. This senior-level role is responsible for architecting, engineering, and advancing Splunk platforms within a mission-critical federal environment. The engineer/architect will shape platform strategy, ensure architectural integrity, and maintain Splunk optimization for performance, resilience, and scalability as the agency matures its cloud-based deployments. This is an excellent opportunity for a Splunk expert who thrives in federal environments and is eager to provide both hands-on engineering and architectural leadership to a modernized SIEM platform that directly enables cybersecurity operations.

Responsibilities

• Serve as the architectural lead for Splunk Enterprise and Splunk ES in a high-availability, distributed, and cloud-based environment.
• Define and maintain the long-term Splunk architecture, ensuring scalability, resilience, and security to meet mission and compliance requirements.
• Oversee architectural decisions related to storage, disaster recovery, and performance, including the use of features such as SmartStore and ASR/MSR.
• Conduct architectural reviews, capacity planning, and performance optimization for enterprise Splunk environments.
• Drive the onboarding and normalization of diverse data sources (OS, network, applications, cloud services) into Splunk, aligning with enterprise logging standards.
• Architect and guide the design of dashboards, data models, and advanced analytics to support threat detection, forensics, and reporting.
• Establish and enforce configuration management, security hardening, and change control processes for Splunk platforms.
• Produce and maintain architecture documentation, including conceptual designs, reference architectures, and operational standards.
• Provide technical leadership and mentorship to engineers, analysts, and administrators in Splunk best practices.
• Evaluate emerging Splunk capabilities, cloud services, and SIEM technologies to inform future platform evolution.
• Collaborate with cybersecurity leadership and stakeholders to align Splunk architecture with mission objectives and federal requirements.

Qualifications

Requirements

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Engineering, or related technical discipline; OR 10+ years of equivalent IT experience.
• 7+ years of IT experience, with at least 3+ years focused on Splunk engineering and architecture.
• Current Splunk Enterprise Certified Architect certification (required).
• Demonstrated expertise in Splunk Enterprise and Splunk ES, including SPL and the Common Information Model.
• Proven experience in architecting and maintaining Splunk in cloud environments, including familiarity with SmartStore and ASR/MSR.
• Strong background in distributed systems design, performance tuning, and capacity planning.
• Proficiency with scripting languages such as PowerShell, Bash, or Python.
• Experience operating Splunk across Windows and Linux environments.
• CompTIA Security+ or higher certification (e.g., CISSP, CISM).
• Excellent communication skills with the ability to explain technical architectures to both executives and engineers.

Preferred Qualifications

• Splunk Enterprise Security Certified Admin or Splunk Certified Core Consultant certification.
• Experience developing enterprise logging architectures for hybrid or federal environments.
• Familiarity with other SIEM platforms (e.g., ELK, Azure Sentinel).
• Experience with DevOps tools such as GitLab/GitHub for version control.

Clearance and Logistics

• All candidates must be eligible to obtain and maintain a U.S. Public Trust clearance.
• This hybrid role requires a minimum of three on-site days per week in Washington, DC.
• Target salary range: $120,001 - $160,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.

REQNUMBER:

SAIC is a premier technology integrator, solving our nation's most complex modernization and systems engineering challenges across the defense, space, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and simulation; and training. We are a team of 23,000 strong driven by mission, united purpose, and inspired by opportunity. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see Working at SAIC. EOE AA M/F/Vet/Disability