Dragonfli Group

Compensation

Full Description

Description Dragonfli Group is a cybersecurity and IT consulting firm headquartered in Washington, DC, serving federal and commercial clients nationwide. We deliver mission-driven consulting services across security engineering, cloud infrastructure, data science, and digital modernization. We are seeking a highly skilled Splunk Cybersecurity Engineer SME to support a large federal agency. In this senior-level role, you will lead the design, deployment, automation, and maintenance of Splunk in a complex hybrid infrastructure. This includes operational support, Splunk integrations, security alignment, and real-time data analytics across on-premises and cloud environments. You’ll collaborate with cross-functional stakeholders from DevOps, Security, and IT Operations to ensure robust monitoring, system availability, and performance tuning at scale. This is a remote role (U.S. only) with potential occasional off-hours or weekend support. U.S. Citizenship or Permanent Residency is required. Responsibilities Design and maintain enterprise-wide Splunk environments across hybrid infrastructure Develop complex dashboards, alerts, and searches using SPL Automate configuration, ingestion pipelines, and system performance tuning Integrate Splunk with cloud platforms (AWS, GCP, Azure) and external systems via APIs Troubleshoot ingest, parsing, and data integrity issues Guide data onboarding and architecture across large-scale projects Mentor junior engineers and support technical escalation Align Splunk capabilities with cybersecurity policies and compliance (FISMA, FedRAMP, NIST) Requirements Must-Have: 5+ Years of Splunk Experience Required Manages knowledge objects (fields, extractions, tags, event types, lookups, workflow actions, aliases, macros, and so on) – through automations, scripting, management server functions; to include .conf and .cfg files in scope of the last four Splunk Enterprise versions Experience with Splunk deployment and configuration management in large-scale environments Proficiency in writing complex Splunk queries, dashboards, and alerts using SPL (Search Processing Language) Experience with REST APIs for Splunk and external system integration Ability to analyze and troubleshoot complex data ingestion and parsing issues Designing and developing an automations workflow and dashboard interface for such Self-starter with a service-oriented mindset who will take action, find ways to solve problems, and move projects to conclusion independently Strong problem-solving skills and the ability to translate research insights into practical solutions that address real-world challenges. Strong communication and collaboration skills with the ability to articulate complex technical concepts to both technical and non-technical audiences. Experience in mentoring and guiding junior researchers or team members Preferred: Ability to leverage the Splunk AI Assistant and other AI tools to increase accuracy and efficiency of task and other deliverables Advanced knowledge of Unix/Linux and/or Windows systems administration and troubleshooting Strong scripting skills in Bash, Python, JavaScript, SQL and PowerShell for automation and integration tasks Experience with Splunk upgrades, patching, and performance tuning Proficiency in integrating Splunk with cloud platforms (AWS, GCP, Azure) Understanding of security and compliance requirements and implementation of role-based access controls (RBAC) in Splunk Strong knowledge of logging standards and best practices across application and infrastructure layers Extensive knowledge of defense-in-depth principles, Network and Security architecture, network topology, IT device integrity, and common security elements. Executes new projects as well as data and user onboarding Strong understanding of IT and Cyber industry standards and technologies to include such controls governed by NIST, FISMA, and FedRamp Experience installing and utilizing and developing with the Splunk App for Data Science and Deep Learning. Experience installing and utilizing and developing with the Splunk SOAR Automation toolset Experience or background in the Cybersecurity, Systems/Network Administration or Observability industry Skill(s) Splunk architecture and engineering (5+ years) System automation and scripting Cloud and on-prem systems integration Troubleshooting, dashboarding, and query optimization Strong interpersonal and communication skills Benefits Insurance - health, dental, vision PTO & 11 Federal Holidays 401(k), employer match Travel None