Conviso Inc. · 8 hours ago
Splunk Administrator
Conviso Inc. is seeking a skilled Splunk Administrator/Operator to join their cybersecurity / IT operations team within a dynamic defense agency environment. The role involves driving the deployment, management, and optimization of Splunk solutions to support mission-critical systems and cybersecurity goals.
Responsibilities
Install, configure, and maintain Splunk Enterprise, UBA, and SOAR in both on-premises and cloud/hybrid architectures; perform system upgrades, patching, and troubleshooting
Customize and fine-tune UBA models for behavioral analytics; configure playbooks, integrations, and automated actions within SOAR to accelerate threat response
Implement and maintain Splunk best practices in accordance with defense agency security policies, compliance requirements, and data retention standards
Respond to incidents with appropriate logs and reports; proactively troubleshoot any log or analytic abnormalities
Work within Agile project teams, attending ceremonies (stand-ups, sprints, retrospectives) and using Jira for ticketing, backlog tracking, and documentation
Develop, update, and share technical documentation, standard operating procedures (SOPs), runbooks, and knowledge articles in alignment with agency practices
Aggregate and parse logs from diverse data sources; develop and maintain dashboards, reports, alerts, and custom searches to surface actionable intelligence
Qualifications
Required
Active Secret security clearance is mandatory
At least 4 years of Splunk experience
Practical, hands-on experience working within secure, compliance-driven environments
Experience with STIGs is mandatory
Install, configure, and maintain Splunk Enterprise, UBA, and SOAR in both on-premises and cloud/hybrid architectures
Perform system upgrades, patching, and troubleshooting
Customize and fine-tune UBA models for behavioral analytics
Configure playbooks, integrations, and automated actions within SOAR to accelerate threat response
Coordinate directly with on-prem/cloud infrastructure teams to maintain and deploy these modules
Implement and maintain Splunk best practices in accordance with defense agency security policies, compliance requirements, and data retention standards
Respond to incidents with appropriate logs and reports
Proactively troubleshoot any log or analytic abnormalities
Work within Agile project teams, attending ceremonies (stand-ups, sprints, retrospectives) and using Jira for ticketing, backlog tracking, and documentation
Develop, update, and share technical documentation, standard operating procedures (SOPs), runbooks, and knowledge articles in alignment with agency practices
Aggregate and parse logs from diverse data sources
Develop and maintain dashboards, reports, alerts, and custom searches to surface actionable intelligence
Proficient in deploying and managing Splunk Enterprise, UBA, SOAR, and other Splunk modules
Comfortable with scripting (e.g., Python, Bash) for automation and data manipulation
Experience in designing and tuning Splunk searches, dashboards, alerts, and CIM compliance
Familiarity with log sources common to defense/enterprise networks (Windows, Linux, network appliances, security devices)
Working knowledge of Jira for workflow management and Agile methodologies for project delivery
Must be able to work as a team member in a matrixed organization
Strong analytical and problem-solving skills; detail-oriented with a focus on operational excellence
Skilled communicator, able to collaborate with IT, cybersecurity, and mission teams in written and verbal communications with a positive attitude and customer-first approach
Proactive learner—stays current on Splunk and security operations best practices
Preferred
Oracle Cloud experience is strongly preferred
Company
Conviso Inc.
At Conviso, we empower both government and commercial clients by delivering tailored professional services that drive success and help them overcome unique business challenges.