"Alerted.org

Job Description

A client of Insight Global is looking for an experienced Splunk Cloud Architect to support federal agencies in enhancing security monitoring, log management, and observability solutions. This role involves designing, implementing, and maintaining Splunk Cloud environments, including architecting multi-organization setups and leading the migration of a high-volume Splunk Enterprise cluster (20TB/day) to Splunk Cloud. The ideal candidate will possess deep expertise in Splunk administration, cloud infrastructure, and federal compliance standards, with strong collaboration skills to deliver scalable, secure solutions. This position offers the opportunity to drive impactful federal IT initiatives while working remotely within an innovative and supportive team.

Compensation: $80/hr. -- 87/hr. Exact compensation may vary based on several factors, including skills, experience, and education. Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to [email protected] learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

Skills and Requirements

• 5+ years of experience in Splunk administration, with at least 2 years focused on Splunk Cloud environments.

• Proven experience architecting multi-organization Splunk Cloud deployments, including tenant isolation and cross-org data sharing.

• Hands-on experience migrating large-scale Splunk Enterprise clusters (e.g., 20TB/day) to Splunk Cloud, with expertise in data optimization and performance tuning.

• Proficiency in Splunk Core, Splunk Cloud, and related tools (e.g., Splunk ES, ITSI, Phantom for SOAR).

• Hands-on experience with data ingestion, search processing language (SPL), dashboard development, and machine learning toolkit (MLTK).

• Strong knowledge of cloud platforms (AWS, Azure, or GCP) and integration with Splunk (e.g., AWS Lambda, Azure Event Hubs).

• Experience with scripting languages (Python, Bash) and automation tools (Ansible, Terraform) for Splunk deployments.

• Familiarity with federal IT security standards (e.g., FISMA, NIST, RMF) and log management in regulated environments.

• Excellent problem-solving skills, with the ability to troubleshoot complex issues in distributed, high-volume systems.

• Strong communication skills for technical and non-technical audiences. • Splunk certifications (e.g., Splunk Certified Architect, Splunk Cloud Certified Admin, Splunk Enterprise Security Certified Admin).

• Experience supporting federal agencies (e.g., CMS, DoD, DHS) or healthcare environments with Splunk for SIEM and compliance.

• Knowledge of SIEM integrations with tools like Microsoft Sentinel, ELK Stack, or ArcSight.

• Bachelor's degree in Computer Science, Information Technology, or a related field.

• Experience with containerization (Docker, Kubernetes) and microservices architectures in cloud environments.