Job Description

OVERVIEW

A technical expert who manages and optimizes the Splunk environment, ensuring accurate log ingestion, dashboard development, and content creation to enable real-time detection and incident response.

GENERAL DUTIES

• Maintain and optimize distributed Splunk architecture (indexers, forwarders, search heads).
• Design and develop dashboards, reports, and custom SPL queries.
• Create and manage Splunk knowledge objects (e.g., lookups, macros, tags).
• Integrate disparate data sources for real-time analysis and threat detection.
• Collaborate with TESIEMS and SOC teams for tuning detection content and workflows.
• Support patching, upgrades, and Splunk platform administration.

REQUIRED QUALIFICATIONS

• 47 years of Splunk or SIEM experience.
• Strong knowledge of data normalization, log ingestion, and indexing pipelines.
• Experience with SOAR automation and Splunk content development.
• Degree Requirements (if applicable) bachelors degree from an accredited institute in an area applicable to the position in Cybersecurity, Computer Science, Information Systems, or a related discipline.
• Three (3) years of additional experience in lieu of degree.
• Splunk certifications (e.g., Splunk Core Certified Power User, Splunk Certified Admin/Architect).
• Relevant certifications, such as CISSP, CISM, CySA+ are highly desirable.

CLEARANCE

• Secret minimum

Pueo is an equal employment opportunity employer and affirmative action employer. All interested individuals will receive consideration and will not be discriminated against on the basis of race, color, religion, sex, national origin, disability, age, sexual orientation, gender identity, genetic information, or protected veteran status. Pueo takes affirmative action in support of its policy to advance diversity and inclusion of individuals who are minorities, women, protected veterans, and individuals with disabilities.

Job Tags

Similar Jobs