Splunk Front End Developer #1673116

About NDi:

Network Designs, Inc. (NDi) is a leading Federal contractor that specializes in designing, developing, and delivering information technology and network solutions for government customers. Founded in 1985, NDi's firmly defined core values have driven all aspects of the business, which have been paramount to our company's success and the establishment of an enjoyable workplace atmosphere. At NDi, we believe that our people are the cornerstone of our success, and we value collaboration, career growth, and winning ideas. Military Veterans Encouraged to Apply.

Job Description:

The Front-End Splunk Developer is responsible for designing, developing, and maintaining intuitive, high-impact Splunk dashboards and visual analytics that transform complex log and security data into actionable insights. This role focuses on front-end Splunk development, including SPL optimization, dashboard design, and user experience, to support security operations, compliance reporting, and executive decision-making. The developer will collaborate closely with SOC analysts, engineers, and stakeholders to deliver role-based visualizations, improve situational awareness, and enhance enterprise monitoring and security visibility across on-premises and cloud environments.

Requirements :

• U.S. Citizenship is required


• Must be able to obtain a Public Trust clearance.


• This position is remote with occasional travel to DC, MD, VA, WV, NJ, and OK.

Qualifications and Experience:

• Bachelor's degree in Computer Science, Information Systems, Cybersecurity, Engineering, Mathematics, Technology, or a related IT, engineering, math, or science discipline.


• 6+ years of experience in Splunk development, security analytics, or enterprise monitoring environments.


• Demonstrated experience delivering front-end Splunk dashboards, visualizations, and user-focused analytics for SOC, engineering, compliance, and executive audiences.


• One or more industry-recognized certifications required, including:
  
  
  
  • Certified Information Systems Security Professional (CISSP)
  
  
  • Certified Information Security Manager (CISM)
  
  
  • Certified Information Systems Auditor (CISA)
  
  
  • Certified Ethical Hacker (CEH)
  
  
  • Certified Authorization Professional (CAP)
  
  
  • CompTIA Security+
  
  
  • Or other equivalent IT or cybersecurity certifications
  
  


• Preferred Splunk certifications (Core Certified Power User, Advanced Power User, Enterprise Security)

Splunk Front-End Development:

• Advanced proficiency with Splunk Search Processing Language (SPL), including complex searches, joins, lookups, sub-searches, and statistical analysis.


• Strong experience developing and customizing:
  
  
  
  • Splunk dashboards using Classic XML and Dashboard Studio
  
  
  • Interactive forms, tokens, drilldowns, and role-based views
  
  


• Experience with Splunk UI customization, including Simple XML, HTML/CSS, JavaScript, and SplunkJS (as applicable).


• Ability to optimize dashboards and SPL queries for performance, scalability, and usability.

Data Visualization & User Experience:

• Strong understanding of data visualization principles and best practices.


• Experience translating complex log and security data into clear, actionable insights and executive-level metrics.


• Ability to design dashboards aligned to KPIs, SLAs, and operational goals.

Security Analytics & SIEM Knowledge:

• Experience building dashboards and alerts to support Security monitoring, incident response, and threat detection


• Working knowledge of:
  
  
  
  • Cyber threats, attack vectors, APTs, and log-based detection
  
  
  • SIEM concepts and SOC workflows
  
  


• Experience supporting Splunk Enterprise Security (ES), including correlation searches, notable events, and risk-based alerting (preferred).

Data Onboarding & Normalization:

• Understanding of data ingestion, parsing, and field extraction from diverse sources such as Firewalls, IDS/IPS, endpoint tools, cloud platforms (AWS, Azure, GCP), and operating systems


• Experience applying Splunk CIM data models to support reusable analytics and dashboards.

Governance, Compliance & Reporting:

• Experience supporting compliance and reporting aligned with NIST, FISMA, FedRAMP, ISO 27001, and DoD STIGs.


• Ability to develop audit-ready dashboards and reports supporting security assessments and ATO activities.


• Experience documenting SPL logic, data sources, and dashboard functionality.

Analytical & Problem-Solving Skills:

• Proficient in standard and advanced analytical techniques to correlate events, identify trends, and surface anomalies.


• Ability to troubleshoot dashboard performance, data quality, and visualization issues across complex environments.


• Apply data-driven analysis to improve monitoring coverage and security visibility.

Collaboration, Communication, and Professional Attributes:

• Collaborate with SOC analysts, engineers, auditors, and leadership to gather requirements and deliver effective Splunk solutions.


• Communicate technical analytics and risk insights clearly to technical and non-technical stakeholders.


• Provide user training and knowledge transfer on dashboard usage and interpretation.


• Strong organizational, time-management, and multitasking skills.


• Highly responsive and customer-focused.


• Detail-oriented with a strong emphasis on data accuracy and consistency.


• Ability to work with confidential and proprietary information with discretion.


• Commitment to staying current with Splunk platform enhancements, visualization capabilities, and security analytics best practices.

Responsibilities:

• Architect and implement Splunk dashboards for data-center asset inventory and vulnerability reporting.


• Build Executive dashboards that filter and highlight critical assets for situational awareness.


• Normalize dashboard layouts, panels, and visualizations to a consistent styling and naming convention.


• Optimize searches and SPL queries for performance and scalability.


• Integrate new data sources and onboard security systems into Splunk.


• Map CVE and asset owner data into asset-centric dashboards


• Produce and maintain dashboard documentation: data sources, queries, drill-downs, and user guides.


• Mentor junior engineers and lead knowledge-transfer sessions.


• Collaborate with stakeholders to plan new dashboards, define requirements, wireframes, and success metrics

Required Tools and Technologies:

• Splunk Platform


• Splunk Enterprise and/or Splunk Cloud


• Splunk Search Processing Language (SPL) for advanced searches, analytics, and data correlation


• Splunk Dashboard Studio and Classic Simple XML


• Splunk Enterprise Security (ES) (preferred): correlation searches, notable events, risk-based alerting


• Splunk Common Information Model (CIM) and data models


• Splunk Lookups, KV Store, summary indexing, and scheduled searches


• Splunk Role-Based Access Control (RBAC) and knowledge object management


• Front-End Development & Visualization


• Dashboard design and customization using Simple XML


• HTML, CSS, and JavaScript for UI customization and advanced dashboard behavior


• SplunkJS SDK (as applicable)


• Data visualization best practices for security and operational analytics


• Data Sources & Integrations


• Log ingestion and normalization from:
  
  
  
  • Firewalls, IDS/IPS, VPNs, endpoint protection platforms
  
  
  • Identity systems (Active Directory, IAM solutions)
  
  
  • Operating systems (Windows, Linux)
  
  
  • Cloud platforms (AWS, Azure, GCP)
  
  


• Experience with log forwarders, parsing, field extraction, and sourcetypes


• Security & SIEM Technologies


• SIEM and security monitoring concepts


• Familiarity with:
  
  
  
  • Firewalls, IDS/IPS (e.g., Snort, Suricata)
  
  
  • Endpoint security tools
  
  
  • Threat detection and incident response workflows
  
  


• Understanding of cyber threats, attack vectors, and log-based detection methods


• Automation & Scripting (Supporting)
  
  
  
  • Python and/or PowerShell for data analysis, automation, or API integration
  
  
  • REST APIs for integrating Splunk with external systems
  
  


• Security frameworks and standardsNIST RMF, FISMA, FedRAMP, ISO 27001, DoD STIGs

Compensation and Benefits:

At NDi, we value our team and are committed to retaining top talent by offering competitive benefits and compensation packages. Our employee benefits package includes comprehensive health, dental, vision, pet, and legal insurance. Our corporate benefits include 401(k) retirement matching, paid leave, paid holidays, and health and wellness programs. In addition, we provide employer-paid life and disability insurance, professional development, education benefits, and much more to ensure our team has the resources they need to thrive on and off the job.

Veterans First Commitment:

As a Service-Disabled Veteran-Owned Small Business (SDVOSB), NDi is dedicated to hiring veterans and providing a supportive work environment that honors their service while recognizing the unique skills and experiences they bring to our organization.

Our Commitment:

Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status or other characteristics protected by law.

Apply Now: Take advantage of this unique opportunity to join one of the fastest-growing companies in Federal contracting!