Splunk Architect

Blu Omega is seeking a Splunk Architect and play a critical role in shaping and enhancing a sophisticated SIEM environment within the TSA CND program. You will leverage your expertise to optimize data ingestion, improve search performance, and develop security content that safeguards our nation's assets. This is a unique opportunity to contribute to high-impact security operations in a hybrid work setting, supporting a mission-critical environment with your innovative solutions and technical prowess.

Location
Hybrid (Remote and On-Site as required)

Clearance Needed
Active Secret Clearance Required

Responsibilities:

• Design, develop, and optimize Splunk workflows, dashboards, and security content to meet operational needs.
• Lead data onboarding and ingestion strategies to ensure comprehensive and accurate security monitoring.
• Manage and maintain custom Splunk apps and add-ons, including field extractions, event types, tags, and lookups.
• Troubleshoot and resolve issues related to Splunk infrastructure, data onboarding, and search performance to ensure seamless operations.
• Collaborate with security teams to integrate diverse data sources such as network devices, firewalls, IDS/IPS, and endpoint security solutions.
• Document configurations, processes, and operational procedures to support ongoing maintenance and knowledge sharing.

Qualifications:

• Minimum of 5 years of experience in designing, developing, and managing Splunk SIEM solutions.
• Hands-on experience with log collection, event correlation, data normalization, and adapting data sources into Splunk.
• Strong understanding of SIEM best practices and industry standards.
• Proficiency in scripting languages such as Python and PowerShell.
• Experience developing custom Splunk apps and knowledge objects.
• Ability to troubleshoot complex Splunk infrastructure, data ingestion, and search performance issues.
• Working knowledge of network architecture, security devices, firewalls, IDS/IPS, and endpoint security solutions.
• Bachelor's degree in a relevant field.

Nice to Have:

• Experience with cloud-based Splunk deployment and integration.
• Knowledge of advanced security analytics and threat detection techniques.
• Familiarity with additional scripting or programming languages beyond Python and PowerShell.
• Certifications related to Splunk or cybersecurity (e.g., Splunk Certified Architect, CISSP).

Salary Range: $135K - $150K
Our final salary offer will be based on several factors, including depth of technical skills, work experience, education, certifications, and clearance

What Blu Omega Can Offer You:

• Competitive benefits including Health Insurance, 401K w/ match, Paid Time Off and more.
• Results driven culture that embrace our core values
• Rewarding work contributing to our Nation's mission critical programs

Blu Omega is a Woman Owned Small Business Federal Technology services firm headquartered in Washington DC and supporting clients nationally. We provide Technology solutions for enterprise and government customers. Our team has a past performance in a diverse range of programs including those for Data Management, Cloud/Infrastructure, Software Development and Enterprise Applications.

An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

#CJ