Posted today
Public Trust
Washington, DC (On-Site/Office)
Overview
Steampunk is looking for a Splunk Engineer to join the Office of the CIO.
As a Splunk Engineer at Steampunk, you will play a key role in advancing enterprise logging and compliance initiatives across federal environments. Your primary focus will be supporting agency efforts to meet the logging, retention, and reporting requirements outlined in OMB Memorandum M-21-31. You will collaborate with system owners, application teams, and security stakeholders to identify required log sources, implement data collection strategies, and build visibility through Splunk dashboards and analytics. You will help drive the technical strategy for ensuring comprehensive log coverage across diverse environments (cloud, on-premises, and hybrid), aligning Splunk implementations with evolving cybersecurity compliance expectations.
Contributions
Responsibilities
- Lead and support enterprise efforts to achieve M-21-31 compliance through effective log collection, retention, and monitoring strategies.
- Work with system, application, and network teams to identify and onboard required log sources across various infrastructure types.
- Design, develop, and maintain Splunk dashboards, searches, and alerts that demonstrate compliance and improve operational awareness.
- Optimize Splunk data ingestion, ensuring log taxonomy, timestamp normalization, and data quality meet compliance and visibility needs.
- Provide strategic guidance on log architecture and security monitoring approaches that align with agency cybersecurity policies.
- Analyze existing systems and recommend improvements to log coverage, storage efficiency, and retention consistency.
- Develop documentation, runbooks, and training materials to support sustainable logging practices and knowledge sharing.
- Partner with compliance and program management teams to respond to audit requests and reporting requirements.
Qualifications
Required Qualifications:
- 7+ years of IT experience, including at least 3 years in cybersecurity (or equivalent experience based on degree level).
- 5+ years of hands-on Splunk experience, including data onboarding, optimization, and dashboard creation.
- Strong understanding of logging, monitoring, and alerting practices in large-scale enterprise or federal environments (500+ servers).
- Familiarity with M-21-31, Zero Trust, and related NIST or Executive Order 14028 compliance requirements.
- Experience integrating Splunk with vulnerability management, authentication, and cloud service logs.
- Knowledge of common infrastructure and application logging sources such as Windows Event Logs, Sysmon, Linux syslogs, AWS CloudTrail, and container logs.
- Demonstrated ability to work cross-functionally with technical and non-technical teams.
- Excellent communication, documentation, and presentation skills.
Preferred:
- Bachelor's degree in a technical field (e.g., Computer Science, Information Technology, Cybersecurity, or related field).
- Experience in federal cybersecurity environments or supporting agency compliance programs.
- Familiarity with log source prioritization frameworks and data governance practices.
- Experience with cloud-native logging tools (e.g., AWS CloudWatch, Azure Monitor, GCP Logging).
- Security or logging-related certifications (e.g., Splunk Core Certified Power User, Splunk Enterprise Certified Admin, CISSP, CEH).
About Steampunk
Identity Statement
As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.
Steampunk is a Change Agent in the Federal contracting industry, bringing new thinking to clients in the Homeland, Federal Civilian, Health and DoD sectors. Through our Human-Centered delivery methodology, we are fundamentally changing the expectations our Federal clients have for true shared accountability in solving their toughest mission challenges. As an employee-owned company, we focus on investing in our employees to enable them to do the greatest work of their careers - and rewarding them for outstanding contributions to our growth. If you want to learn more about our story, visit http://www.steampunk.com.