Splunk Engineer jobs in United States

Peraton · 1 month ago

Splunk Engineer

Peraton is a next-generation national security company that drives missions of consequence spanning the globe. The Mid-Level Splunk Engineer supports enterprise-wide monitoring, alerting, and analytics across the customer’s operational and security environments, developing and maintaining custom Splunk dashboards and ensuring data integrity and performance across mission-critical networks and applications.

Information Technology · Robotics
No H1B · Security Clearance Required · U.S. Citizen Only

Responsibilities

Design, develop, and maintain custom Splunk dashboards, alerts, and reports to support both NOC and SOC operations
Onboard new data sources including network appliances, servers, security tools, and applications using forwarders, APIs, and syslog integrations
Implement data normalization using the Splunk Common Information Model (CIM) to support consistent reporting and event correlation
Develop and optimize SPL queries, regex extractions, and macros for high-performing searches and visualizations
Configure and tune threshold-based and adaptive alerts for system performance, security, and application availability
Collaborate with NOC and SOC analysts to define KPIs and ensure accurate visibility into network health and security posture
Support incident detection, triage, and root cause analysis using Splunk dashboards and search tools
Monitor and maintain the health and performance of Splunk Enterprise / Splunk Cloud environments
Integrate Splunk with automation/orchestration tools (e.g., Ansible, ServiceNow, SOAR platforms) for improved workflow efficiency
Document data source onboarding, dashboard configuration, and analytic processes in accordance with program SOPs

Qualification

Splunk Enterprise, Splunk Search Processing Language (SPL), Data normalization, Linux, Windows environments, NOC/SOC workflows, Python scripting, Analytical skills, Problem-solving skills, Communication skills, Collaboration skills, Detail-oriented, Self-motivated

Required

Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or related field with 5+ years of relevant experience; Master's degree in Computer Science, Information Systems, Cybersecurity, or related field with 3+ years of relevant experience; or 4+ additional years of experience in lieu of a degree
TS/SCI with polygraph clearance adjudication
3–5 years of hands-on experience administering, configuring, and developing within Splunk Enterprise or Splunk Cloud environments
Demonstrated experience designing and maintaining custom dashboards, reports, and alerting frameworks
Strong proficiency in Splunk Search Processing Language (SPL), field extractions, and data model creation
Familiarity with Linux and Windows server environments, network protocols (TCP/IP, SNMP, syslog), and application log ingestion
Understanding of NOC/SOC workflows, event correlation, and log management best practices
Experience troubleshooting data ingestion, indexing, and search performance issues
Excellent communication, documentation, and collaboration skills

Preferred

Current Splunk Core Certified Power User, Admin, or Architect certification
Active CompTIA Security+, CySA+, CASP+, CISSP, or equivalent DoD 8570 IAT Level II
Experience supporting federal or DoD environments and familiarity with RMF (Risk Management Framework)
Experience with Python scripting, REST APIs, or JSON/XML parsing for custom integrations
Working knowledge of NIST 800-53/171, and log retention / audit evidence requirements
Experience with automation, orchestration, or SIEM/SOAR integration

Benefits

Heavily subsidized employee benefits coverage for you and your dependents
25 days of PTO accrued annually up to a generous PTO cap
Eligible to participate in an attractive bonus plan

Company

Peraton: Fearlessly solving the toughest national security challenges.

Funding

Current Stage
Late Stage

Leadership Team

Thomas Terjesen
Chief Information Officer
Company data provided by crunchbase