Senior Principal Splunk Architect at UltraViolet Cyber – Remote
UltraViolet Cyber
Remote
Posted on
NewSalary:$180000 - $240000Job Function:Information Technology
New job! Apply early to increase your chances of getting hired.
Explore Related Opportunities
About This Position
Senior Principal Splunk Architect
What You've Done:
$180,000 - $240,000 a year
Make a difference here.
UltraViolet Cyber is a leading platform-enabled unified security operations company providing a comprehensive suite of security operations solutions. Founded and operated by security practitioners with decades of experience, the UltraViolet Cyber security-as-code platform combines technology innovation and human expertise to make advanced real-time cybersecurity accessible for all organizations by eliminating risks of separate red and blue teams.
By creating continuously optimized identification, detection, and resilience from todays dynamic threat landscape, UltraViolet Cyber provides both managed and custom-tailored unified security operations solutions to the Fortune 500, Federal Government, and Commercial clients. UltraViolet Cyber is headquartered in McLean, Virginia, with global offices across the U.S. and in India.
The Senior Principal Splunk SME serves as the technical authority for the design, deployment, and optimization of large-scale Splunk environments in federal cybersecurity missions. This role leads architecture decisions across Splunk Enterprise and Enterprise Security (ES), with deep expertise in SIEM operations, observability, and high-performance data ingestion across AWS and hybrid cloud environments. The SME supports development of security monitoring content, and ensures platform alignment with federal compliance mandates. Beyond hands-on engineering, this position mentors junior staff, guides technical governance, and advises senior stakeholders on Splunk strategy and roadmap maturity.
What You'll Do:Architecture & Design Design and implement distributed, high-performance Splunk Enterprise and ES architectures spanning on-premises and hybrid cloud environments. Define indexer clustering, search head clustering, and forwarder topologies to meet mission-scale ingestion and availability requirements.
Engineering & Optimization Build and optimize data ingestion pipelines, develop data models, and tune search performance for reliability and scalability. Develop custom TAs and field extractions for diverse federal log sources including endpoints, network devices, cloud platforms, and security tools.
Security & Compliance Ensure platform compliance with FISMA, NIST RMF, M-21-31 log retention mandates, CDM program requirements, and FedRAMP authorization boundaries.
Strategy & Leadership Provide technical governance over Splunk platform decisions and roadmap evolution. Mentor junior engineers on SPL, data onboarding, and ES content development. Collaborate with SOC, network, and IT teams to align Splunk capabilities with operational and mission objectives.
The ideal candidate possesses strong analytical and troubleshooting skills, with the ability to diagnose complex technical issues and rapidly develop practical, effective solutions. This role requires someone who can clearly articulate findings and recommended actions to leadership to support informed decisionmaking. The candidate must also be adept at working within a structured changemanagement framework and ensuring full compliance with applicable government oversight and governance requirements.
The candidate must be able to engage effectively with nontechnical stakeholders, guiding them through complex processes and operational steps in a clear, patient, and structured manner. This includes translating technical concepts into accessible language, ensuring stakeholders understand required actions, and providing steady support to help them successfully complete tasks.
- US Citizenship is Required
- Ability to pass a DHS EOD Clearance
- Bachelor's degree plus 10 years of relevant experience, or Master's degree plus 15 years.
- 10+ years of Splunk experience in a large clustered environment.
- Demonstrated expertise in Splunk administration and architecture, Linux administration, cloud platforms (AWS/Azure), scripting, and log parsing.
- Splunk Architect certifications required; Splunk ES Certified Admin
- Cribl Admin certification preferred.
- Public Trust eligibility required
- [Secret clearance preferred]
- 401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed
- Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment)
- Group Term Life, Short-Term Disability, Long-Term Disability
- Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness
- Participation in the Discretionary Time Off (DTO) Program
- 11 Paid Holidays Annually
UltraViolet Cyber maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect our company's differing products, services, industries and lines of business. Candidates are typically placed into the range based on the preceding factors.
We sincerely thank all applicants in advance for submitting their interest in this position. We know your time is valuable.
UltraViolet Cyber welcomes and encourages diversity in the workplace regardless of race, gender, religion, age, sexual orientation, gender identity, disability, or veteran status.
If you want to make an impact, UltraViolet Cyber is the place for you!
$180,000 - $240,000 a year
Scan to Apply
Just scan this QR code to apply from your phone.
Job Location
Remote
Frequently asked questions about this position
Continue to apply
Enter your email to continue. You’ll be redirected to the employer’s application.By clicking Continue, you understand and agree to JobTarget's Terms of Service and Privacy Policy.
Apply Now