"Alerted.org

Job Description

A client of Insight Global is seeking a Splunk SME to lead the implementation, administration, and migration of Splunk Cloud environments. This role involves designing and managing multi-organization, multi-cloud Splunk Cloud architectures with secure tenant isolation and cross-org data access. Responsibilities include onboarding diverse data sources, optimizing indexes and knowledge objects, and deploying advanced features such as Splunk Enterprise Security (ES), IT Service Intelligence (ITSI), and User Behavior Analytics (UBA). The candidate will spearhead the migration of large-scale Splunk Enterprise clusters to the cloud, ensuring performance, compatibility, and minimal downtime. Integration with AWS, Azure, and on-prem systems is essential, along with automation using Splunk SDKs and CI/CD pipelines. A strong focus on security and compliance—including RBAC, encryption, audit logging, and adherence to FISMA, NIST 800-53, and HIPAA—is required. Collaboration with cross-functional teams and thorough documentation of configurations and best practices are key, as is staying current with emerging Splunk capabilities and federal regulations.

Compensation: $75/hr. -- 84/hr. Exact compensation may vary based on several factors, including skills, experience, and education. Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to [email protected] learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

Skills and Requirements

• 5+ years of experience in Splunk administration, with at least 2 years focused on Splunk Cloud environments

• Proven experience architecting multi-organization Splunk Cloud deployments, including tenant isolation and cross-org data sharing

• Proficiency in Splunk Core, Splunk Cloud, and related tools (e.g., Splunk ES, ITSI, Phantom for SOAR)

• Strong experience with federal IT security standards (FISMA, NIST, RMF)

• Excellent communication and presentation skills • Splunk certifications (e.g., Splunk Certified Architect, Splunk Cloud Certified Admin, Splunk Enterprise Security Certified Admin)

• Experience supporting federal agencies (e.g., CMS, DoD, DHS) or healthcare environments with Splunk for SIEM and compliance

• Experience with containerization (Docker, Kubernetes) and microservices architectures in cloud environments