Splunk Engineer

Remote
TEKsystems Austin, TX $75 - $75
Contract Senior Level 8+ years

Posted 1 week ago

About This Role

Serve as the primary Splunk expert for a large Texas state agency, focusing on designing, building, and owning Splunk alerts, dashboards, and SIEM use cases in a security-focused environment. This role involves modernizing the environment with cloud and AI security, automating threat detection, and collaborating with a specialized security team.

Responsibilities

  • Own Splunk engineering, data ingest, index health, dashboards, and executive reporting
  • Automate threat detection techniques and workflows, including integrating with Microsoft Copilot and creating reactive alerts
  • Design and implement cloud and AI security controls to protect sensitive data and critical workloads
  • Manage Splunk data ingest, index health, and infrastructure performance
  • Create and tune Splunk alerts, correlation searches, dashboards, and executive reports
  • Add/modify Splunk alerts to triage notables using TTPs and threat intelligence
  • Troubleshoot Splunk issues and drive continuous improvement of detections and visibility
  • Design, implement, and manage security controls for public cloud platforms, primarily AWS
  • Secure AI/ML systems including model development environments, training pipelines, APIs, and inference services
  • Implement cloud security tooling (e.g., CSPM, CWPP, CIEM, container security, API security)
  • Collaborate with engineering, DevOps, data science, and AI teams to embed security into CI/CD and MLOps workflows
  • Design and implement security measures to protect cloud-stored data (auth, encryption, ACLs, IDS/IPS, firewalls)
  • Conduct security architecture reviews, threat modeling, and risk assessments for cloud and AI initiatives
  • Monitor environments for security events, investigate alerts, and support incident response activities
  • Conduct forensic investigations on cyberattacks to determine root cause and future prevention
  • Create, review, and update security policies and standards for public/private/hybrid cloud contexts

Requirements

  • 8+ years of proven experience in security architecture and delivering secure solutions
  • Strong background in cloud security, including protecting data on public cloud platforms, secure authentication, encryption, access controls, IDS/IPS, firewalls
  • Hands-on experience with multi-cloud security architectures (infrastructure, tools, cloud-based application security)
  • Experience consulting and engineering security best practices across an organization
  • Deep understanding of cloud security risks (data breaches, broken authentication, account hijacking, malicious insiders, third parties, APTs, data loss, DoS)
  • Strong threat analysis skills and ability to design solutions to mitigate security risks
  • Knowledge and experience with NIST standards and ISO 27001
  • Significant hands-on experience with Splunk, including creating alerts, dashboards, executive reports, and acting as a lead or primary Splunk Engineer in an enterprise environment
  • Ability to resolve complex security issues in diverse, decentralized environments and communicate clearly with technical and non-technical stakeholders
  • Experience conducting forensic investigations on cyber incidents
  • Experience creating/updating cloud security policies and standards
  • Must be based in Texas

Qualifications

  • 8+ years of proven experience in security architecture, cloud security, and Splunk engineering

Nice to Have

  • Security Certifications: GSEC, CEH, CISA, CCSP, or similar
  • Cloud Certifications: AWS Solutions Architect, cloud security certifications, OpenStack, or other relevant cloud certs
  • Experience with Endpoint Detection & Response tools (Endgame, CrowdStrike, Cybereason or similar)
  • Experience with Email Threat Management tools (Proofpoint, Mimecast, Microsoft security stack)
  • Experience with SIEM tools beyond Splunk (Rapid7, Sumo Logic)
  • Experience with DLP / CASB tools (Symantec, Microsoft, Bitglass, Netskope)
  • Experience with Cloud network security tools (Cisco Umbrella, Palo Alto, Zscaler)
  • Familiarity with CJIS and other public sector / regulatory security environments
  • Preference for Austin-area candidates

Skills

AWS * Azure * Splunk * MLOps * NIST * DevSecOps * ISO 27001 * Microsoft Copilot *

* Required skills

Benefits

Dental Insurance
Short-Term Disability
Hospital Indemnity
401(k) retirement plan
Time Off/Leave (PTO, Vacation or Sick Leave)
Vision Insurance
Long-Term Disability
Employee Assistance Program
Health Spending Account (HSA)
Medical Insurance
Accident insurance
Critical illness insurance
Transportation benefits
Life Insurance (Voluntary Life & AD&D)

About TEKsystems

TEKsystems is a leading provider of business and technology services, accelerating business transformation for customers through expertise in strategy, design, execution, and operations.

Professional Services