Senior Splunk Engineer

Senior Splunk Engineer

AMERICAN SYSTEMS

remote work Mar 30, 2026 Senior Splunk Engineer Location US-MT-Malmstrom AFB ID 2026-4203 Category IT / Cyber Security / Network Systems Position Type Full-Time Remote No Clearance Required Top Secret/SCI Overview

AMERICAN SYSTEMS

supports the mission of The US Space Force. Support includes assessing independent Local Area Networks (LANs); executing LAN collapse procedures; procuring authorized LAN equipment for network expansion or upgrades; conducting on-site surveys for new LAN locations; determining and documenting customer and technical requirements; transporting, configuring, and installing new equipment; and implementing all required services to make new locations fully operational networks. Responsibilities

AMERICAN SYSTEMS

is seeking a professional with 8 - 10 years of experience and TS/SCI Clearance to be our next Senior Splunk Engineer at Malmstrom AFB, Montana. Platform Engineering & Administration I nstall, configure, and maintain Splunk Enterprise and Splunk ES in classified, air-gapped, or cross-domain environments. Manage distributed architectures (indexers, search heads, cluster masters, deployment servers, forwarders) with a focus on reliability, performance, and security. Perform upgrades, patching, app deployment, performance tuning, and capacity planning. Implement and maintain backup/restore, DR procedures, and system hardening in accordance with DoD/IC and organizational policies. Data Onboarding & Normalization Onboard logs from servers, network devices, security appliances, applications, and specialized classified systems. Develop and manage inputs, props, transforms, field extractions, and parsing to ensure high-quality, normalized data (CIM-compliant where applicable). Work with system owners and engineers to define logging requirements that support auditing, incident reconstruction, and compliance. Integrate Splunk with existing security tooling and infrastructure (e.g., host-based security, IDS/IPS, vulnerability scanners, identity systems). Detection, Dashboards & Reporting Develop searches, correlation logic, alerts (where appropriate), and dashboards to surface security-relevant activity, system health, and compliance status. Create role-specific dashboards for cybersecurity staff, ISSOs/ISSMs, system administrators, and leadership. Support audit and inspection preparation (e.g., RMF, JSIG, NIST 800-53, CNSSI 1253) by building reports and evidence queries from Splunk. Implement and maintain data models, lookups, and other knowledge objects to support efficient analysis and reporting. Security & Compliance Alignment Ensure Splunk configurations and data flows comply with classified environment requirements, including handling caveats, data segregation, and need-to-know. Implement strict RBAC, data access controls, and logging of administrative actions. Support RMF and related processes by providing visibility into control effectiveness (e.g., AU-2, AU-6, AU-12, SI-4). Assist with continuous monitoring activities using Splunk as a key evidence and monitoring platform. Collaboration & Technical Leadership (Non-SOC) Collaborate with cybersecurity engineers, ISSOs/ISSMs, system administrators, and network engineers to embed Splunk into system designs and modernization efforts. Provide expert guidance on how to leverage Splunk for troubleshooting, audit support, and security visibility. Mentor junior engineers and administrators on Splunk best practices, SPL queries, and platform usage. Contribute to Splunk standards, runbooks, and engineering documentation tailored for the classified environment. Qualifications Required Qualifications Active TS/SCI with CI Ploy clearance (or eligibility) as required by the program. Bachelor's degree in Computer Science, Information Security, Information Systems, or equivalent experience. 8 - 10 years of experience with approximately 4-8 years of IT/cybersecurity experience, with at least 3+ years of hands-on Splunk Enterprise administration/engineering. Demonstrated experience supporting Splunk in highly regulated or secure environments (DoD, IC, federal, defense contractor, or similar). Proficiency with SPL, including complex searches, statistical commands, sub searches, lookups, and dashboard creation. Experience onboarding and normalizing data from: Windows and Linux systems Network infrastructure (routers, switches, firewalls, proxies) Security tools (AV/EDR, IDS/IPS, vulnerability scanners, identity systems) Strong understanding of information security principles and controls (logging, monitoring, auditing, least privilege, configuration management). Familiarity with NIST 800-53, RMF, JSIG, or similar frameworks applicable to classified systems. Preferred Qualifications Splunk certifications (e.g., Splunk Core Certified Power User, Splunk Core Certified Admin, Splunk Enterprise Security Certified Admin). Experience operating Splunk in air-gapped, disconnected, or cross-domain (CDS) architectures. Scripting skills (Python, PowerShell, Bash) for automation, integrations, and data manipulation. Experience with configuration management and infrastructure-as-code (Ansible, Puppet, Chef, Terraform, or similar). DoD 8570/8140-compliant certification (e.g., Security+, CySA+, CASP+, CISSP, GSLC, GSEC) as required for

IAT/IASAE

roles. Background in one or more of: systems administration, network engineering, or cyber engineering in classified environments. Skills & Competencies Ability to work effectively in a classified, process-driven environment with strong attention to detail and documentation. Strong analytical and problem-solving skills; able to independently diagnose Splunk and data pipeline issues. Clear and concise communication skills for collaboration with technical teams and security leadership. Self-directed and able to prioritize tasks to support mission and compliance deadlines. Working Conditions Onsite work in a secure facility; remote work is typically limited or unavailable. Standard business hours with occasional off-hours work for maintenance, accreditation activities, or mission needs. Pay Transparency Statement

AMERICAN SYSTEMS

is committed to pay transparency for our applicants and employee-owners. The salary range for this position is USD $136,000.00/Yr. - USD $227,100.00/Yr. Actual compensation will be determined based on several factors permitted by law.

AMERICAN SYSTEMS

provides for the welfare of its employees and their dependents through a comprehensive benefits program by offering healthcare benefits, paid leave, retirement plans, insurance programs, and education and training assistance. EEO Statement EEO Race/Sex/Disability Status/Veteran Status