Splunk Engineer

Splunk Engineer

Job Locations


US-VA-Herndon | US-MD-Riverdale

Requisition ID


View phone number on click.appcast.io

Position Category


Information Technology

Clearance


Top Secret/SCI w/Poly

Responsibilities

The Mid-Level Splunk Engineer supports enterprise-wide monitoring, alerting, and analytics across the customer's operational and security environments. This position develops and maintains custom Splunk dashboards, visualizations, and alerts that provide actionable insights for NOC and SOC personnel. The engineer ensures data integrity, visibility, and system performance across mission-critical networks and applications supporting government operations. This role bridges IT operations and cybersecurity by delivering analytics solutions that enhance situational awareness, reduce incident response time, and support compliance with NIST 800-171, and DoD 8570 requirements.

Key Responsibilities

Design, develop, and maintain custom Splunk dashboards, alerts, and reports to support both NOC and SOC operations.
• Onboard new data sources including network appliances, servers, security tools, and applications using forwarders, APIs, and syslog integrations.
• Implement data normalization using the Splunk Common Information Model (CIM) to support consistent reporting and event correlation.
• Develop and optimize SPL queries, regex extractions, and macros for high-performing searches and visualizations.
• Configure and tune threshold-based and adaptive alerts for system performance, security, and application availability.
• Collaborate with NOC and SOC analysts to define KPIs and ensure accurate visibility into network health and security posture.
• Support incident detection, triage, and root cause analysis using Splunk dashboards and search tools.
• Monitor and maintain the health and performance of Splunk Enterprise / Splunk Cloud environments.
• Integrate Splunk with automation/orchestration tools (e.g., Ansible, ServiceNow, SOAR platforms) for improved workflow efficiency.
• Document data source onboarding, dashboard configuration, and analytic processes in accordance with program SOPs.

Key Competencies

• Strong analytical and problem-solving skills.
• Ability to work under pressure in mission-critical environments.
• Detail-oriented with strong organizational skills.
• Self-motivated, adaptable, and able to operate effectively in a team or independently.
• Commitment to continuous improvement and innovation in monitoring and analytics capabilities.

Qualifications

Required Qualifications

• Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or related field with 5+ years of relevant experience; Master's degree in Computer Science, Information Systems, Cybersecurity, or related field with 3+ years of relevant experience; or 4+ additional years of experience in lieu of a degree.
• TS/SCI with polygraph clearance adjudication
• 3-5 years of hands-on experience administering, configuring, and developing within Splunk Enterprise or Splunk Cloud environments.
• Demonstrated experience designing and maintaining custom dashboards, reports, and alerting frameworks.
• Strong proficiency in Splunk Search Processing Language (SPL), field extractions, and data model creation.
• Familiarity with Linux and Windows server environments, network protocols (TCP/IP, SNMP, syslog), and application log ingestion.
• Understanding of NOC/SOC workflows, event correlation, and log management best practices.
• Experience troubleshooting data ingestion, indexing, and search performance issues.
• Excellent communication, documentation, and collaboration skills.

Desired Qualifications

• Current Splunk Core Certified Power User, Admin, or Architect certification.
• Active CompTIA Security+, CySA+, CASP+, CISSP, or equivalent DoD 8570 IAT Level II.
• Experience supporting federal or DoD environments and familiarity with RMF (Risk Management Framework).
• Experience with Python scripting, REST APIs, or JSON/XML parsing for custom integrations.
• Working knowledge of NIST 800-53/171, and log retention / audit evidence requirements.
• Experience with automation, orchestration, or SIEM/SOAR integration.

Peraton offers enhanced benefits to employees working on this critical National Security program, which include heavily subsidized employee benefits coverage for you and your dependents, 25 days of PTO accrued annually up to a generous PTO cap and eligible to participate in an attractive bonus plan

Peraton Overview

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.

Target Salary Range

$112,000 - $179,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual's experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.

EEO

EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.