Splunk Architect

Job Locations US-MD-Fort Meade
Job Post Information* : Posted Date 5 months ago(5/28/2020 11:01 AM)
Information Technology
Location : Location
US-MD-Fort Meade
Clearance Requirement
Job Requires Relocation




SOSi is seeking a Splunk Architect to support a customer on Ft. Meade, Maryland. In this position, we are looking for the Lead System Engineer (LSE) with Splunk Architect experience to lead a small (3 FTE) Splunk and Software Development Team on the program providing incident response to operational systems, capability enhancements to current architecture, and strategic planning for future architectural upgrades.


  • Lead team in gathering requirements and designing solutions for large and/or complex multi-site architectures.
  • Understand advanced core design (multi-site cluster/multi-region cloud), Enterprise Security implementation, ITSI Implementation and tuning, ITSI Architecture, ITSI Service Decomposition, Search and SPL, Advanced Dash-boarding, Data On-boarding, Vmware app, Stream, DevOps, Security/Fraud/Compliance App, Custom scripted inputs.
  • Deploy Splunk in complex environments to meet customer mission needs. 
  • Develop custom scripted Splunk inputs using Bash, Perl, Python and Powershell to collect unique customer data when native collection methods were lacking. 
  • Develop Splunk searches and dashboards including advanced visualizations based on customer requirements. 
  • Install and support Splunk Enterprise Security, ensuring all data is CIM compliant.
  • Identify and troubleshoot possible or existing inefficiencies with current architecture.
  • Integrate Splunk with 3rd party tools.
  • Build cost/benefits analyses.


  • Minimum Bachelor’s of Science Degree and 3-6 years of related professional experience.
  • In Scope DoD Secret clearance.
  • Must meet IAT Level II certification such as Security+ or equivalent.
  • Demonstrated experience using COTS statistical software such as SPSS, SAS, MatLab etc…
  • Required experience with software packages used for advanced statistical analysis of operational data and tools for data visualization.
  • SME in Splunk will be required to hold and maintain a Splunk Enterprise Certified Architect certification as well as have at minimum 3 years of experience in engineering Splunk solutions. The SME may also hold and maintain Splunk Enterprise Certified Admin certification with at least 5 years of experience in engineering Splunk solutions.

Preferred Qualifications

  • Master’s Degree in Computer Science or related field.
  • In scope DoD TS/SCI security clearance.
  • Fluency in a foreign language desired, not required.

Working Conditions

  • Work environment is typical for an office setting.


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed