Splunk Architect
Posted at: 07/10/2025
Raleigh, NC
- IT - Niche - Contract - Job ID: 25-14925
Title: Splunk Engineer / Architect
Location: Raleigh, NC (HYBRID)
Duration: 12 - 18 Months
Compensation: $57.00 - $60.00
Work Requirements: USC, GC or Authorized to work in US
Splunk Engineer / Architect
Responsibilities:
Administer the Splunk-based log management system and analyze the current logging capabilities.
Ensure the Agency Information Security systems administered by the Team are sending all required logs to the log management system.
Ensure the Cisco Information Security systems administered by the Team are sending all required logs to the log management system.
Maintain the Log Management and Security Information and Event Management (SIEM) system to collect and aggregate IDS/IPS data from network sensors, raw data from collection agents, firewalls (including but not limited to Layer 7 Application Firewalls), proxy servers, DLP, antivirus/endpoint protection software, and vulnerability scanner elements, and other important systems.
Tune the SIEM and IDS/Intrusion Prevention System (IPS) events to minimize false positives.
Generate vulnerability tickets in Jira and ServiceNow for vulnerability remediation.
Tune the capabilities as practicable to improve efficiency and ensure that reporting capabilities of the log management system are working properly.
Validate that Cisco-GTTS log retention requirements are configured properly within the Cisco-GTTS log management system.
Identify shortfalls in the current capability and identify systems that are not sending logs to the Cisco-GTTS log management system.
Work in conjunction with GTTS-SOC to develop required dashboards and Splunk Playbook.
Recommend improvements to current processes.
Provide technical guidance to administrators of other IT systems to ensure their logs are sent to the Cisco-GTTS's log management system.
Configure Cisco-GTTS's log management system role-based access controls so that logs for specific systems can only be accessed by designated administrators.
Integrate Qmulos within Splunk log and manage compliance within Qmulos.
Configure Splunk User Behavior Analytics working with the Security team.
Working with the security team, develop SOAR - Security Orchestration, Automation and Response strategies.
Required Qualifications:
7 years of experience with Splunk
Minimum 10 years of relevant experience
Must have Splunk Architect Certification
Experience in architecture, design, support, maintenance, and expansion of an enterprise log management/SIEM infrastructure in a highly resilient configuration
Experience in monitoring an enterprise log management/SIEM server and agent infrastructure for capacity planning and system optimization
Experience in deployment, configuration, and maintenance of log forwarder agents across a variety of UNIX and Windows platforms
USA Citizen
Experience in collaboration with a variety of IT stakeholders in design and maintenance of production-quality log management/SIEM reports and dashboards to support data analysis and visualization
Experience in creation and maintenance of documentation related to log management/SIEM infrastructure configuration and operational processes
Advanced system administration skills with Linux operating systems
Knowledge of regular expression, scripting, and application development languages (e.g., Python, Perl, JavaScript, Linux shell scripting)
Understanding of security best practices
Experience with cloud platforms (e.g., AWS, Azure) and Splunk Cloud
Knowledge of cybersecurity principles and experience in security operations
Preferred Qualifications:
Experience with security incident response and vulnerability management
Experience migrating from on-premises Splunk to Splunk Cloud
TS clearance (optional)
Our benefits package includes:
Comprehensive medical benefits
Competitive pay
401(k) retirement plan
and much more!
About INSPYR Solutions
Technology is our focus and quality is our commitment. As a national expert in delivering flexible technology and talent solutions, we strategically align industry and technical expertise with our clients' business objectives and cultural needs. Our solutions are tailored to each client and include a wide variety of professional services, project, and talent solutions. By always striving for excellence and focusing on the human aspect of our business, we work seamlessly with our talent and clients to match the right solutions to the right opportunities. Learn more about us at inspyrsolutions.
INSPYR Solutions provides Equal Employment Opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, or genetics. In addition to federal law requirements, INSPYR Solutions complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities.
Job ID: 485071999
Originally Posted on: 7/13/2025