Senior Splunk Engineer

Posted 3 weeks ago

Only freelancers located in the U.S. may apply.

Summary

Location: Massachusetts (Hybrid/Remote with Onsite Support as Needed)
Employment Type: Full-Time
Clearance/Background Requirements: Ability to pass state and federal background investigations

About the Opportunity

We are seeking a highly skilled and experienced Senior Splunk Engineer to support large-scale security operations, observability, and data analytics initiatives for government and enterprise environments, including critical support for the Commonwealth of Massachusetts Executive Office of Technology Services and Security (EOTSS). This role requires a hands-on technical expert capable of architecting, deploying, optimizing, troubleshooting, and maintaining complex Splunk environments supporting cybersecurity operations, compliance initiatives, incident response activities, and enterprise IT monitoring. The ideal candidate combines deep Splunk expertise with strong infrastructure, cloud, security, and automation skills and can operate effectively within highly regulated environments.

Key Responsibilities

Splunk Architecture & Administration
• Design, deploy, configure, and maintain enterprise Splunk environments.
• Manage Splunk Enterprise and Splunk Cloud deployments.
• Administer Indexers, Search Heads, Deployment Servers, Heavy Forwarders, Universal Forwarders, and Cluster Managers.
• Design and optimize data ingestion pipelines across diverse data sources.
• Implement and maintain Splunk clustering and high-availability architectures.
• Perform capacity planning and infrastructure optimization.

Security Operations Support
• Support Security Operations Center (SOC) initiatives.
• Develop and maintain SIEM use cases, correlation searches, alerts, and dashboards.
• Create and tune Splunk Enterprise Security (ES) content.
• Assist with threat hunting and incident investigations.
• Support MITRE ATT&CK mapping and threat detection engineering.
• Analyze security events and provide actionable recommendations.

EOTSS & Government Support
• Assist with onboarding state agencies and municipalities into centralized Splunk platforms.
• Support compliance initiatives including CJIS, IRS Publication 1075, HIPAA, NIST, and other regulatory frameworks.
• Participate in major incident response activities.
• Collaborate with agency stakeholders, security teams, and executive leadership.
• Develop operational runbooks and technical documentation.

Data Engineering & Integration
• Integrate logs and telemetry from:
  o Microsoft 365
  o Azure
  o AWS
  o Google Cloud
  o Windows Server
  o Linux
  o Network Infrastructure
  o Firewalls
  o Endpoint Security Platforms
  o Identity Providers
  o SaaS Applications
• Develop custom parsers, field extractions, transforms, and CIM mappings.
• Support Splunk Data Models and accelerated searches.

Automation & Optimization
• Develop automation using:
  o Python
  o PowerShell
  o REST APIs
  o SOAR platforms
• Improve operational efficiency through workflow automation.
• Optimize search performance and reduce infrastructure costs.
• Implement monitoring and health-check frameworks.

Required Qualifications

Technical Experience
• 5+ years of hands-on Splunk engineering experience.
• 3+ years supporting enterprise-scale Splunk deployments exceeding 500GB/day ingestion.
• Strong experience with:
  o Splunk Enterprise
  o Splunk Enterprise Security (ES)
  o Splunk Cloud
  o Splunk ITSI (preferred)
  o Splunk SOAR (preferred)

Infrastructure Knowledge
• Windows Server Administration
• Linux Administration
• Active Directory
• Microsoft Azure
• AWS
• Virtualization Platforms
• Networking fundamentals
• DNS, DHCP, PKI, VPN technologies

Security Knowledge
• SIEM Operations
• Threat Detection Engineering
• Incident Response
• Vulnerability Management
• Security Frameworks:
  o NIST
  o CIS
  o CJIS
  o HIPAA
  o IRS 1075
  o CMMC (preferred)

Scripting & Development
• Python
• PowerShell
• Regex
• JSON
• XML
• REST APIs
• Git

Preferred Certifications

Splunk Certifications
• Splunk Certified Architect
• Splunk Certified Admin
• Splunk Enterprise Security Certified Admin

Security Certifications
• CISSP
• GIAC Certifications
• GCIH
• GCIA
• Security+
• CySA+

Cloud Certifications
• Microsoft Azure Administrator
• Azure Security Engineer
• AWS Solutions Architect

Desired Experience

Candidates with experience supporting any of the following will receive special consideration:
• State Government
• EOTSS
• Massachusetts Municipalities
• Public Safety Agencies
• Law Enforcement
• Emergency Management
• Healthcare
• Critical Infrastructure
• Managed Security Service Providers (MSSP)
• Security Operations Centers (SOC)

Personal Characteristics
• Strong troubleshooting skills
• Excellent communication abilities
• Ability to interact with executive leadership
• Strong documentation practices
• Self-starter capable of working independently
• Team-oriented mindset
• Ability to remain calm during high-pressure incidents
• Passion for cybersecurity and operational excellence

What Success Looks Like

Within the first 12 months, this individual will:
• Improve Splunk search performance and platform stability.
• Assist in onboarding additional agencies and data sources.
• Enhance threat detection coverage.
• Reduce alert fatigue through optimization.
• Strengthen compliance reporting capabilities.
• Become a trusted technical advisor for EOTSS stakeholders and leadership.

Bonus Qualifications
• Previous EOTSS experience.
• Existing Commonwealth of Massachusetts relationships.
• Experience supporting large Splunk deployments exceeding 1TB/day ingest.
• Experience with cybersecurity consulting or MSSP environments.

For EOTSS specifically, I would strongly recommend targeting candidates with Splunk Architect, Splunk ES, Microsoft Sentinel, and Massachusetts state government experience, because the technical challenges tend to be as much about stakeholder management, compliance, and onboarding agencies as they are about Splunk administration itself. A former EOTSS contractor or someone from Optiv, Deloitte, Accenture, TekStream, or a large MSSP would likely hit the ground running.

  • Hourly: More than 30 hrs/week
  • Duration: 6+ months
  • Experience Level: Expert
  • Rate: $57.00 - $77.00 Hourly
  • Remote Job
  • Project Type: Ongoing project
Skills and Expertise
Mandatory skills
Configuration Management
Activity on this job
  • Proposals: Less than 5
  • Last viewed by client: 3 days ago
  • Interviewing: 0
  • Invites sent: 0
  • Unanswered invites: 0
About the client
Member since Oct 20, 2018
  • United States, Southborough
  • $866K total spent
    36 hires, 12 active
  • 37,727 hours
  • Tech & IT
    Large company (100-1,000 people)