Senior Splunk Engineer
Only freelancers located in the U.S. may apply.
Location: Massachusetts (Hybrid/Remote with Onsite Support as Needed)
Employment Type: Full-Time
Clearance/Background Requirements: Ability to pass state and federal background investigations

About the Opportunity

We are seeking a highly skilled and experienced Senior Splunk Engineer to support large-scale security operations, observability, and data analytics initiatives for government and enterprise environments, including critical support for the Commonwealth of Massachusetts Executive Office of Technology Services and Security (EOTSS). This role requires a hands-on technical expert capable of architecting, deploying, optimizing, troubleshooting, and maintaining complex Splunk environments supporting cybersecurity operations, compliance initiatives, incident response activities, and enterprise IT monitoring. The ideal candidate combines deep Splunk expertise with strong infrastructure, cloud, security, and automation skills and can operate effectively within highly regulated environments.

Key Responsibilities

Splunk Architecture & Administration
• Design, deploy, configure, and maintain enterprise Splunk environments.
• Manage Splunk Enterprise and Splunk Cloud deployments.
• Administer Indexers, Search Heads, Deployment Servers, Heavy Forwarders, Universal Forwarders, and Cluster Managers.
• Design and optimize data ingestion pipelines across diverse data sources.
• Implement and maintain Splunk clustering and high-availability architectures.
• Perform capacity planning and infrastructure optimization.

Security Operations Support
• Support Security Operations Center (SOC) initiatives.
• Develop and maintain SIEM use cases, correlation searches, alerts, and dashboards.
• Create and tune Splunk Enterprise Security (ES) content.
• Assist with threat hunting and incident investigations.
• Support MITRE ATT&CK mapping and threat detection engineering.
• Analyze security events and provide actionable recommendations.

EOTSS & Government Support
• Assist with onboarding state agencies and municipalities into centralized Splunk platforms.
• Support compliance initiatives including CJIS, IRS Publication 1075, HIPAA, NIST, and other regulatory frameworks.
• Participate in major incident response activities.
• Collaborate with agency stakeholders, security teams, and executive leadership.
• Develop operational runbooks and technical documentation.

Data Engineering & Integration
• Integrate logs and telemetry from:
  o Microsoft 365
  o Azure
  o AWS
  o Google Cloud
  o Windows Server
  o Linux
  o Network Infrastructure
  o Firewalls
  o Endpoint Security Platforms
  o Identity Providers
  o SaaS Applications
• Develop custom parsers, field extractions, transforms, and CIM mappings.
• Support Splunk Data Models and accelerated searches.

Automation & Optimization
• Develop automation using:
  o Python
  o PowerShell
  o REST APIs
  o SOAR platforms
• Improve operational efficiency through workflow automation.
• Optimize search performance and reduce infrastructure costs.
• Implement monitoring and health-check frameworks.

Required Qualifications

Technical Experience
• 5+ years of hands-on Splunk engineering experience.
• 3+ years supporting enterprise-scale Splunk deployments exceeding 500GB/day ingestion.
• Strong experience with:
  o Splunk Enterprise
  o Splunk Enterprise Security (ES)
  o Splunk Cloud
  o Splunk ITSI (preferred)
  o Splunk SOAR (preferred)

Infrastructure Knowledge
• Windows Server Administration
• Linux Administration
• Active Directory
• Microsoft Azure
• AWS
• Virtualization Platforms
• Networking fundamentals
• DNS, DHCP, PKI, VPN technologies

Security Knowledge
• SIEM Operations
• Threat Detection Engineering
• Incident Response
• Vulnerability Management
• Security Frameworks:
  o NIST
  o CIS
  o CJIS
  o HIPAA
  o IRS 1075
  o CMMC (preferred)

Scripting & Development
• Python
• PowerShell
• Regex
• JSON
• XML
• REST APIs
• Git

Preferred Certifications

Splunk Certifications
• Splunk Certified Architect
• Splunk Certified Admin
• Splunk Enterprise Security Certified Admin

Security Certifications
• CISSP
• GIAC Certifications
• GCIH
• GCIA
• Security+
• CySA+

Cloud Certifications
• Microsoft Azure Administrator
• Azure Security Engineer
• AWS Solutions Architect

Desired Experience

Candidates with experience supporting any of the following will receive special consideration:
• State Government
• EOTSS
• Massachusetts Municipalities
• Public Safety Agencies
• Law Enforcement
• Emergency Management
• Healthcare
• Critical Infrastructure
• Managed Security Service Providers (MSSP)
• Security Operations Centers (SOC)

Personal Characteristics
• Strong troubleshooting skills
• Excellent communication abilities
• Ability to interact with executive leadership
• Strong documentation practices
• Self-starter capable of working independently
• Team-oriented mindset
• Ability to remain calm during high-pressure incidents
• Passion for cybersecurity and operational excellence

What Success Looks Like

Within the first 12 months, this individual will:
• Improve Splunk search performance and platform stability.
• Assist in onboarding additional agencies and data sources.
• Enhance threat detection coverage.
• Reduce alert fatigue through optimization.
• Strengthen compliance reporting capabilities.
• Become a trusted technical advisor for EOTSS stakeholders and leadership.

Bonus Qualifications
• Previous EOTSS experience.
• Existing Commonwealth of Massachusetts relationships.
• Experience supporting large Splunk deployments exceeding 1TB/day ingest.
• Experience with cybersecurity consulting or MSSP environments.

For EOTSS specifically, I would strongly recommend targeting candidates with Splunk Architect, Splunk ES, Microsoft Sentinel, and Massachusetts state government experience, because the technical challenges tend to be as much about stakeholder management, compliance, and onboarding agencies as they are about Splunk administration itself. A former EOTSS contractor or someone from Optiv, Deloitte, Accenture, TekStream, or a large MSSP would likely hit the ground running.
- Hourly: More than 30 hrs/week
- Duration: 6+ months
- Experience Level: Expert
- Rate: $57.00 - $77.00 hourly
- Remote Job
- Project Type: Ongoing project
Activity on this job
- Proposals: Less than 5
- Last viewed by client: 3 days ago
- Interviewing: 0
- Invites sent: 0
- Unanswered invites: 0
About the client
- Southborough, United States
- $866K total spent, 36 hires, 12 active
- 37,727 hours
- Tech & IT, Large company (100-1,000 people)