Position Details

Type Full-Time

Experience mid

Exp. Years 3-6 years

Education Not specified

Category Cybersecurity

About this role

This role involves supporting the administration and maintenance of enterprise Splunk SIEM environments, onboarding log sources, developing dashboards, and assisting cybersecurity teams with log analysis in a remote federal setting.

Key Responsibilities

Support Splunk environments
Configure log ingestion and forwarders
Onboard data sources
Develop dashboards and reports
Troubleshoot search and indexing issues

Technical Overview

The technical environment includes Splunk Enterprise, log ingestion, dashboards, search queries, Linux and Windows logs, network protocols, and troubleshooting of performance issues.

Ideal Candidate

The ideal candidate is a mid-level cybersecurity professional with 3+ years of experience in SIEM administration, specifically with Splunk Enterprise. They possess strong troubleshooting skills, experience onboarding log sources, and supporting security operations in a federal or government environment.

Must-Have Skills

3–6 years of experience in cybersecurity operationsSIEM administrationor system engineeringHands-on experience with Splunk Enterprise or similar SIEM platformsExperience onboarding log sources and configuring Splunk forwardersExperience creating search queriesdashboardsand reportsFamiliarity with Linux or Windows system logsUnderstanding of network protocols (TCP/IPDNSHTTP)Strong troubleshooting and documentation skills

Nice-to-Have Skills

Splunk Power User or Splunk Admin certificationExperience supporting Splunk Enterprise SecurityExperience in a Security Operations Center (SOC)Familiarity with log parsingregexor scriptingExperience integrating cloudendpointor network security logs

Tools & Platforms

SplunkSplunk EnterpriseSplunk forwardersLinuxWindows

Required Skills

SplunkSplunk EnterpriseSIEMlog ingestiondashboardssearch querieslog analysisLinuxWindowsnetwork protocolsTCP/IPDNSHTTPtroubleshootinglog parsingregexscripting

Hard Skills

SplunkSplunk EnterpriseSIEMSplunk forwarderslog ingestiondashboardssearch querieslog analysisLinuxWindowsnetwork protocolsTCP/IPDNSHTTPtroubleshootinglog parsingregexscripting

Soft Skills

troubleshootingdocumentationanalytical skillsproblem-solvingcommunication

Certifications

Required

Splunk Power User or Splunk Admin certification

Preferred

Splunk Power User or Splunk Admin certificationSplunk Enterprise Security

Industry & Role

Industry Government/Public Sector

Job Function Cybersecurity SIEM administration and support

Keywords for Your Resume

SplunkSplunk EnterpriseSIEMSplunk forwarderslog ingestiondashboardssearch querieslog analysisLinuxWindowsnetwork protocolsTCP/IPDNSHTTPtroubleshootinglog parsingregexscripting

Deal Breakers

Lack of experience with Splunk Enterprise or similar SIEM platforms, No experience onboarding log sources or configuring Splunk forwarders, Less than 3 years of relevant experience, Inability to obtain necessary security clearance if required

Apply for this Position →

Get matched to jobs like this

Luna finds roles that fit your skills and career goals — no endless scrolling required.

Create a Free Profile

Cyber Defense Analyst – Intermediate (Splunk Engineer)

Get matched to jobs like this