Splunk Engineer

SteelGate LLC
Published: January 15, 2026
Location: Remote, United States of America
Category: General
Job Type

Description

Splunk Engineer

Remote | Full Time | Secret Clearance

SteelGate is seeking a skilled Splunk Engineer with at least 6 years of Splunk experience to join our cybersecurity / IT operations team within a dynamic defense agency environment. The ideal candidate will manage two other Splunk Administrators, drive the deployment, management, and optimization of Splunk Enterprise, Splunk User Behavior Analytics (UBA), Splunk Security Orchestration, Automation and Response (SOAR), and other Splunk monitoring/reporting capabilities to support mission-critical systems and cybersecurity goals. This role requires practical, hands-on experience working within secure, compliance-driven environments, a proactive approach to daily operations, and the desire/ability to grow other technical professionals.

Requirements:
• 6 years of documented Splunk experience. (It must be in your resume)
• DoW Secret security clearance
• DoD 8140/8570 IAT II (Security+ or higher)
• Splunk Certified Administrator or higher

Key Responsibilities include:
• Splunk Platform Management: Install, configure, and maintain Splunk Enterprise, UBA, and SOAR in both on-premises and cloud/hybrid architectures; perform system upgrades, patching, and troubleshooting. Strong preference for any Oracle cloud experience.
• UBA and SOAR Optimization: Customize and fine-tune UBA models for behavioral analytics; configure playbooks, integrations, and automated actions within SOAR to accelerate threat response. Coordinate directly with on-prem/cloud infrastructure teams to maintain and deploy these modules.
• Team Leadership & Mentoring: Supervise, mentor, and provide technical guidance to junior Splunk team members and peers; delegate tasks, review work quality, facilitate skills development, and foster a collaborative team environment in alignment with mission objectives.
• Security and Compliance: Implement and maintain Splunk best practices in accordance with defense agency security policies, compliance requirements, and data retention standards. Experience with STIGs mandatory.
• Incident Handling: Respond to incidents with appropriate logs and reports; proactively troubleshoot any log/analytic abnormalities.
• Collaboration & Agile Delivery: Work within Agile project teams, attending ceremonies (stand-ups, sprints, retrospectives) and using Jira for ticketing, backlog tracking, and documentation.
• Knowledge Sharing: Develop, update, and share technical documentation, standard operating procedures (SOPs), runbooks, and knowledge articles in alignment with agency practices. Work with many small, medium, and large teams to achieve agency and program objectives.
• Log Management and Analysis: Aggregate and parse logs from diverse data sources; develop and maintain dashboards, reports, alerts, and custom searches to surface actionable intelligence.

Skills:
• Mastery in deploying and managing Splunk Enterprise, UBA, SOAR, and other Splunk modules.
• Experience using scripting (e.g., Python, Bash) for automation and data manipulation.
• Mastery in designing and tuning Splunk searches, dashboards, alerts, and CIM compliance.
• Experience with log sources common to defense/enterprise networks (Windows, Linux, network appliances, security devices).
• Experience using Jira for workflow management and Agile methodologies for project delivery.
• Must be able to manage a small team of technical professionals, as well as coordinate with other managers as peers in a matrixed organization.
• Strong analytical and problem-solving skills; detail-oriented with a focus on operational excellence.
• Skilled communicator, able to collaborate with IT, cybersecurity, and mission teams in written and verbal communications with a positive attitude and customer-first approach. Strong preference for experience briefing senior/executive leadership (both commercial and Federal).
• Proactive learner—stays current on Splunk and security operations best practices.

 

Job Types: Full-Time, Remote

Salary: $145,000 - $155,000

Schedule: Monday-Friday

Benefits:

• 401(k) matching

• Full Medical

• Paid time off

• Professional development assistance

 

STEELGATE LLC is a Service-Disabled, Veteran-Owned Small Business (SDVOSB) that prides itself on hiring top-level Subject Matter Experts (SMEs) proven to exceed deliverable expectations. STEELGATE LLC is focused on solving the hard problems facing our government and commercial clients. Our success lies in blending relevant domain/functional knowledge with deep expertise in Information Technology, Cybersecurity, Defensive Cyber Operations, cloud-based DevSecOps, Data Analytics & AI, Acquisition and Acquisition Management, and more. STEELGATE LLC has a positive, inclusive workplace environment where all team members and partners work towards mutual success. We have established a reliable reach-back program in which all SMEs are available to support, advise and directly complete mission deliverables when necessary. STEELGATE LLC has a worldwide reputation as a valued and trustworthy partner. Our can-do attitude and willingness to support any mission requirement set us apart from other small business organizations. Find out more about STEELGATE LLC at www.steelgatellc.com.

We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other characteristic protected by law.
