SIGN IN
Splunk Architect jobs in United States
cer-icon
Apply on Employer Site
company-logo

UltraViolet Cyber · 23 hours ago

Splunk Architect

positionHerndon, VA
timeFull-time
remoteOnsite
senioritySenior Level
money$160K/yr - $210K/yr
date7+ years exp
UltraViolet Cyber is a leading platform-enabled unified security operations company providing a comprehensive suite of security operations solutions. They are seeking a highly experienced Splunk SIEM Architect to lead the design and evolution of their enterprise security monitoring platform, enabling effective threat detection, incident response, and compliance across the organization.
ComputerInformation TechnologyNetwork Security
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Architect and maintain an enterprise-grade Splunk SIEM platform supporting SOC operations and security use cases
Design and optimize Splunk architecture including indexer clusters, search head clusters, data pipelines, and retention strategies to support security telemetry at scale
Lead architecture decisions for Splunk Enterprise Security (ES) or equivalent security frameworks
Align Splunk architecture with MITRE ATT&CK, threat detection, and incident response workflows
Design secure and scalable ingestion for diverse security data sources, including: Network, endpoint, identity, and cloud security logs EDR, NDR, firewalls, IDS/IPS, IAM, and SaaS platforms
Ensure data quality through effective parsing, normalization, CIM compliance, and enrichment
Implement data onboarding standards and validation processes to support reliable detections
Partner with SOC and detection engineering teams to Enable high-confidence correlation searches and alerts Improve signal-to-noise ratio and reduce false positives Support threat hunting and investigative workflows
Optimize Splunk searches, data models, and acceleration for real-time and near-real-time detections
Support incident response, forensic investigations, and post-incident reviews
Establish Splunk security, access controls, and role-based permissions
Lead Splunk performance tuning, health monitoring, and troubleshooting
Plan and manage capacity, licensing, and cost optimization for security workloads
Lead platform upgrades, migrations (on‑prem to cloud), and disaster recovery planning
Define Splunk architectural standards, documentation, and operational runbooks
Serve as the Splunk SIEM subject matter expert across the organization
Mentor and guide Splunk engineers, security analysts, and administrators
Translate security and compliance requirements into scalable technical solutions
Collaborate with compliance, risk, and audit teams to support regulatory needs

Qualification

Splunk SIEMSplunk Enterprise SecurityData onboardingPerformance tuningThreat detectionLinux/Unix systemsScripting PythonScripting BashMITRE ATT&CKCompliance frameworksCommunication skillsCollaborationMentoring

Required

US Citizenship Required
Must have an Active Secret Clearance
Experience supporting Federal government agencies
Splunk certifications (especially Splunk Enterprise Security Certified Admin or Splunk Architect)
7+ years of hands-on experience with Splunk in security/SIEM environments
Proven experience designing and supporting Splunk Enterprise Security (ES) or comparable SIEM solutions
Deep expertise in: Indexer and Search Head Clustering
Data onboarding, props/transforms, and CIM
Performance tuning for security workloads
Strong understanding of SOC operations, incident response, and threat detection
Experience with Linux/Unix systems
Proficiency in scripting (Python, Bash, or similar)
Experience integrating Splunk with security tools and cloud platforms (AWS, Azure, GCP)
Strong communication skills with both technical security teams and leadership
Experience with MITRE ATT&CK mapping, detection engineering, or threat hunting
Familiarity with compliance frameworks such as SOC 2, PCI-DSS, HIPAA, ISO 27001
Experience supporting 24x7 SOC environments
Exposure to SOAR platforms and automated response workflows

Benefits

401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed
Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment)
Group Term Life, Short-Term Disability, Long-Term Disability
Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness
Participation in the Discretionary Time Off (DTO) Program
11 Paid Holidays Annually

Company

UltraViolet Cyber

twittertwittertwitter
company-logo
UltraViolet Cyber is a platform-enabled unified security operations firm that offers a full range of security operations solutions.
dateFounded in 2023
location
Mclean, Virginia, USA
people-size501-1000 employees
web-link
https://www.uvcyber.com

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Srikanth Parepally
Co-Founder, President
linkedin

Recent News

PR Newswire
UltraViolet Cyber Named to Inc. 5000 List of America's Fastest-Growing Private Companies in 2025
2025-08-13
PR Newswire
Fast-Growing Cybersecurity Provider Supports U.S. Government Agencies in Addressing Expanding Threat Exposure ...
2024-02-10
The Business Journals
DC Inno - Inno on Fire: These D.C.-area companies are ...
2024-01-27
Company data provided by crunchbase