Splunk Cyber Security Infrastructure/Cloud Platform SME

PlanIT Group is seeking a Splunk Cyber Security Infrastructure/Cloud Platform SME to support our Federal customer in the Washington, DC area. The ideal candidate will be responsible for designing, deploying, and maintaining on-premises and cloud based Splunk environments to support enterprise-level monitoring, alerting, and reporting. This role demands deep expertise in Splunk system architecture, design, implementation, configuration, and operational support in a hybrid on-prem Unix/Linux and cloud-based environment.
Job Title: Splunk Cyber Security Infrastructure/Cloud Platform SME
Location: Raleigh, NC, Falls Church, VA, Eagan, MN
Start Date: 07/07/25
Duration: One year plus annual extensions
Splunk Cyber Security Infrastructure/Cloud Platform SME

Job Description:
Our US Government customer is seeking an experienced Splunk Engineer with strong infrastructure and software management skills to join our dynamic team. The ideal candidate will be responsible for designing, deploying, and maintaining on-premises and cloud based Splunk environments to support enterprise-level monitoring, alerting, and reporting. This role demands deep expertise in Splunk system architecture, design, implementation, configuration, and operational support in a hybrid on-prem Unix/Linux and cloud-based environment. Candidates must be able to collaborate across DevOps, Security, and IT teams to optimize performance, ensure data integrity, system availability and support mission-critical operations. Proven hands-on experience with a large enterprise wide Splunk environment is mandatory. Off-hours and weekend efforts for systems maintenance, upgrades and support may be required from time to time.

Required skills:
• Expertise in Splunk Enterprise architecture including indexers, search heads, deployment servers, and forwarders
• Advanced knowledge of Unix/Linux systems administration and troubleshooting
• Experience with Splunk deployment and configuration management in large-scale environments
• Proficiency in writing complex Splunk queries, dashboards, and alerts using SPL (Search Processing Language)
• Strong scripting skills in Bash, Python, or Perl for automation and integration tasks
• Experience with Splunk upgrades, patching, and performance tuning
• Proficiency in integrating Splunk with cloud platforms (AWS, GCP, Azure)
• Understanding of security and compliance requirements and implementation of role-based access controls (RBAC) in Splunk
• Experience with REST APIs for Splunk and external system integration
• Strong knowledge of logging standards and best practices across application and infrastructure layers
• Ability to analyze and troubleshoot complex data ingestion and parsing issues

Experience Level:
o A minimum of thirteen (13) to twenty (20) years' relevant experience.

Education:
o A degree from an accredited College/University in the applicable field of services is preferred. Four additional years of relevant experience in lieu of a college degree is required. If the individual's degree is not in the applicable field, then four additional years of related experience is required.

Certifications : (One or more required )
-CompTIA Security +
-CPTE - Certified Penetration Testing Engineer or CEH - Certified Ethical Hacker -CISA - Certified Information Systems Auditor CISSP CISSP-ISSEP CISSP-ISSAP CISSP-ISSMP preferred

Additional Provisions:
• Must be able to obtain a Public Trust Clearance
• Pass both a client mandated clearance process to include drug screening, criminal history check and credit check.
• All candidates must be a US Citizen or US Permanent Resident.
• Candidate must have lived in the United States for the past 5 years.
• Cannot have more than 6 months travel outside the United States within the last five years. Military Service excluded. (Exception does not include military family members.)
#CJJOBS

Job Schedule