Architect and maintain enterprise-grade Splunk environments while collaborating with various teams to ensure optimal system performance. Develop automation workflows and troubleshoot data challenges to enhance operational efficiency.
Candidates must have over 5 years of Splunk experience, including managing knowledge objects and writing complex queries. Strong problem-solving and communication skills are essential, along with a self-starter attitude.
Description

Dragonfli Group is a cybersecurity and IT consulting firm headquartered in Washington, D.C. We provide expert services to clients across both government and commercial sectors, supporting projects that range from rapid assessments to multi-year digital transformation efforts. Our consultants work in on-site, hybrid, and remote environments based on client needs.

We’re hiring a Splunk Cyber Security SME to drive visibility, automation, and security intelligence across one of the largest data environments in the federal space. This isn’t just a monitoring role — you’ll be at the heart of designing and engineering Splunk infrastructure that supports national-scale operations. From real-time telemetry and alerting to advanced dashboards and automations, your work will directly impact mission-critical decision making. If you’re ready to take on complex data challenges, work shoulder-to-shoulder with elite DevOps and Security teams, and engineer systems that scale — this role was built for you.

This is a remote role (U.S. only) with potential occasional off-hours or weekend support. U.S. Citizenship or Permanent Residency is required.
Responsibilities
- Architect and maintain enterprise-grade Splunk environments across on-prem and cloud platforms
- Create and manage knowledge objects, complex SPL queries, alerts, and dynamic dashboards
- Design and implement scalable data ingestion pipelines and parsing logic
- Collaborate with DevOps, Security, and Infrastructure teams to ensure optimal system performance
- Develop automation workflows and UI interfaces to enhance operational efficiency
- Troubleshoot data latency, availability, and integration challenges
- Support system maintenance, version upgrades, and environment hardening
- Contribute to technical mentorship and process documentation

Requirements

Must-Have:
- 5+ years of Splunk experience required
- Manages knowledge objects (fields, extractions, tags, event types, lookups, workflow actions, aliases, macros, and so on) through automation, scripting, and management-server functions, including the underlying .conf and .cfg files, across the last four Splunk Enterprise versions
- Experience with Splunk deployment and configuration management in large-scale environments
- Proficiency in writing complex Splunk queries, dashboards, and alerts using SPL (Search Processing Language)
- Experience with REST APIs for Splunk and external system integration
- Ability to analyze and troubleshoot complex data ingestion and parsing issues
- Experience designing and developing automation workflows and the dashboard interfaces that drive them
- Self-starter with a service-oriented mindset who will take action, find ways to solve problems, and move projects to conclusion independently
- Strong problem-solving skills and the ability to translate research insights into practical solutions that address real-world challenges
- Strong communication and collaboration skills, with the ability to articulate complex technical concepts to both technical and non-technical audiences
- Experience mentoring and guiding junior researchers or team members

Preferred:
- Ability to leverage the Splunk AI Assistant and other AI tools to increase the accuracy and efficiency of tasks and other deliverables
- Advanced knowledge of Unix/Linux and/or Windows systems administration and troubleshooting
- Strong scripting skills in Bash, Python, JavaScript, SQL, and PowerShell for automation and integration tasks
- Experience with Splunk upgrades, patching, and performance tuning
- Proficiency in integrating Splunk with cloud platforms (AWS, GCP, Azure)
- Understanding of security and compliance requirements and implementation of role-based access controls (RBAC) in Splunk
- Strong knowledge of logging standards and best practices across application and infrastructure layers
- Extensive knowledge of defense-in-depth principles, network and security architecture, network topology, IT device integrity, and common security elements
- Executes new projects as well as data and user onboarding
- Strong understanding of IT and cyber industry standards and technologies, including controls governed by NIST, FISMA, and FedRAMP
- Experience installing, using, and developing with the Splunk App for Data Science and Deep Learning (DSDL)
- Experience installing, using, and developing with the Splunk SOAR automation toolset
- Experience or background in the cybersecurity, systems/network administration, or observability industry

Skills

Must-have:
- 5+ years of Splunk engineering experience in complex, high-volume environments
- Proficiency in SPL, knowledge object development, and configuration management
- Strong background in Linux/Unix systems administration
- Skilled in scripting languages (Python, Bash, PowerShell, etc.)
- Experience with REST APIs and external system integrations
- Ability to diagnose ingestion, parsing, and indexing issues at scale
- Self-driven problem solver with a consulting mindset and strong communication skills

Preferred Qualifications:
- Experience with Splunk AI Assistant, SOAR, and DSDL frameworks
- Familiarity with cloud services (AWS, Azure, GCP) and hybrid deployments
- Understanding of NIST, FISMA, FedRAMP, and other security frameworks
- Expertise in role-based access controls (RBAC), secure logging, and compliance
- Background in cybersecurity, observability, or infrastructure engineering

Benefits
- Insurance: health, dental, vision
- PTO & 11 Federal Holidays
- 401(k) with employer match

Travel: None
This job posting was last updated on 8/23/2025