HHS - Sr. Splunk Engineer / Administrator

Location: Worldwide
Type: Remote

cFocus Software seeks a Sr. Splunk Engineer / Administrator to join our program supporting the Department of Health and Human Services (HHS). This position is remote. This position requires the ability to obtain a Public Trust clearance.

Qualifications:

  • Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or related field.
  • Minimum of 8 years of experience administering enterprise SIEM and logging platforms.
  • Extensive hands-on experience with Splunk Core and Splunk Enterprise Security.
  • Strong understanding of log management, event correlation, detection engineering, and threat analytics.
  • Experience supporting federal cybersecurity environments and compliance requirements.
  • Knowledge of NIST SP 800-53, NIST SP 800-92, FISMA, and OMB logging mandates.
  • Experience integrating SIEM with cloud platforms (AWS, Azure) and security tools.
  • Active Splunk Certified Architect or Administrator certification.
  • CISSP, GCIA, GCED, or GCIH (preferred).

Duties:

  • Administer and engineer a complex hybrid Splunk environment supporting on-premises, IaaS, PaaS, SaaS, and multi-cloud platforms.
  • Ensure logging and SIEM operations comply with OMB M-21-31 logging requirements including log categories, retention, and visibility.
  • Design, implement, and maintain Splunk Core and Splunk Enterprise Security configurations.
  • Perform data onboarding, parsing, normalization, and indexing optimization for diverse log sources.
  • Develop, tune, and maintain correlation searches, detections, dashboards, and alerts to support SOC operations.
  • Integrate Splunk with HRSA cybersecurity tools including EDR, vulnerability management, SOAR, cloud platforms, and threat intelligence feeds.
  • Monitor SIEM performance including ingestion rates, indexing efficiency, search latency, and storage utilization.
  • Optimize searches, data models, accelerated reports, and summary indexing to improve performance.
  • Develop and maintain Splunk apps, add-ons, and custom knowledge objects.
  • Support users and stakeholders by providing ad hoc searches, reports, and dashboards.
  • Implement SIEM changes following HRSA change management procedures with documented implementation and rollback plans.
  • Patch, upgrade, and maintain Splunk infrastructure in accordance with HHS and HRSA standards.
  • Develop and maintain SIEM SOPs, workflows, architecture diagrams, and technical documentation.
  • Support audits and assessments by producing logging evidence, compliance dashboards, and audit-ready reports.
  • Maintain SLA of responding to SIEM-related service requests within two (2) business days.
ThatStartupJob
Copyright © 2025