Splunk Engineer - Washington - Conviso Inc.

Description

Conviso Inc is hiring Sr Splunk Engineer with at least 6 years of Splunk experience to join our cybersecurity / IT operations team.

If you think you are the right match for the following opportunity, apply after reading the complete description.

Role: Splunk Engineer

Location: Remote

Active Secret Clearance Required

Certification Requirements: DoD 8570 IAT II (i.e. Security+), Splunk Certified Administrator or higher

Key Responsibilities

• Splunk Platform Management: Install, configure, and maintain Splunk Enterprise, UBA, and SOAR in both on-premises and cloud/hybrid architectures; perform system upgrades, patching, and troubleshooting. Strong preference for any Oracle cloud experience.
• UBA and SOAR Optimization: Customize and fine-tune UBA models for behavioral analytics; configure playbooks, integrations, and automated actions within SOAR to accelerate threat response. Coordinate directly with on-prem/cloud infrastructure teams to maintain and deploy these modules.
• Team Leadership & Mentoring: Supervise, mentor, and provide technical guidance to junior Splunk team members and peers; delegate tasks, review work quality, facilitate skills development, and foster a collaborative team environment in alignment with mission objectives.
• Security and Compliance: Implement and maintain Splunk best practices in accordance with defense agency security policies, compliance requirements, and data retention standards. Experience with STIGs mandatory.
• Incident Handling: Respond to incidents with appropriate logs and reports; proactively troubleshoot any log/analytic abnormalities preventatively.
• Collaboration & Agile Delivery: Work within Agile project teams, attending ceremonies (stand-ups, sprints, retrospectives) and using Jira for ticketing, backlog tracking, and documentation.
• Knowledge Sharing: Develop, update, and share technical documentation, standard operating procedures (SOPs), runbooks, and knowledge articles in alignment with agency practices. Work with many small, medium, and large teams to achieve agency and program objectives.
• Log Management and Analysis: Aggregate and parse logs from diverse data sources; develop and maintain dashboards, reports, alerts, and custom searches to surface actionable intelligence.

Technical Skills:

• Mastery in deploying and managing Splunk Enterprise, UBA, SOAR, and other Splunk modules.
• Experience using scripting (e.g., Python, Bash) for automation and data manipulation.
• Mastery in designing and tuning Splunk searches, dashboards, alerts, and CIM compliance.
• Experience with log sources common to defense/enterprise networks (Windows, Linux, network appliances, security devices).
• Experience using Jira for workflow management and Agile methodologies for project delivery.

Key Attributes and Soft Skills

• Skilled communicator, able to collaborate with IT, cybersecurity, and mission teams in written and verbal communications with a positive attitude and customer-first approach. xhmxlyz
• Proactive learner—stays current on Splunk and security operations best practices.