
Splunk Subject Matter Expert (SME)

Raleigh, NC

Triangle Cyber is seeking a highly skilled and motivated Cybersecurity Splunk Subject Matter Expert (SME) to join our team for a federal contract engagement. 

The ideal candidate will be responsible for designing, deploying, and maintaining on-premises and cloud-based Splunk environments to support enterprise-level monitoring, alerting, and reporting. This role requires in-depth expertise in Splunk system architecture, design, implementation, configuration, and operational support within a hybrid on-premises Unix/Linux and cloud-based environment. Candidates must be able to collaborate across DevOps, Security, and IT teams to optimize performance, ensure data integrity and system availability, and support mission-critical operations. Proven hands-on experience with a large enterprise-wide Splunk environment is mandatory. Occasional off-hours and weekend work for system maintenance, upgrades, and support may be required.

Required Qualifications

  • Must be a U.S. citizen
  • Must have five (5) or more years of hands-on Splunk experience
  • Must be able to manage knowledge objects (fields, extractions, tags, event types, lookups, workflow actions, aliases, macros, and so on) through automation, scripting, and management server functions, including .conf and .cfg files, within the scope of the last four Splunk Enterprise versions
  • Must have experience with Splunk deployment and configuration management in large-scale environments
  • Must be proficient in writing complex Splunk queries, dashboards, and alerts using SPL (Search Processing Language)
  • Must have experience using REST APIs for Splunk and external system integration
  • Must demonstrate the ability to analyze and troubleshoot complex data ingestion and parsing issues
  • Must be able to design and develop task automation workflows and dashboard interfaces
  • Must be a self-starter with a service-oriented mindset who will take action, find ways to solve problems, and move projects to a conclusion independently
  • Strong problem-solving skills and the ability to translate research insights into practical solutions that address real-world challenges
  • Strong communication and collaboration skills with the ability to articulate complex technical concepts to both technical and non-technical audiences
  • Experience in mentoring and guiding junior researchers or team members

 

Desired Qualifications

  • Ability to leverage the Splunk AI Assistant and other AI tools to increase the accuracy and efficiency of tasks and other deliverables
  • Advanced knowledge of Unix/Linux and/or Windows systems administration and troubleshooting
  • Strong scripting skills in Bash, Python, JavaScript, SQL, and PowerShell for automation and integration tasks
  • Experience with Splunk upgrades, patching, and performance tuning
  • Proficiency in integrating Splunk with cloud platforms (AWS, GCP, Azure)
  • Understanding of security and compliance requirements and implementation of role-based access controls (RBAC) in Splunk
  • Strong knowledge of logging standards and best practices across application and infrastructure layers
  • Extensive knowledge of defense-in-depth principles, network and security architecture, network topology, IT device integrity, and common security elements
  • Ability to execute new projects as well as data and user onboarding
  • Strong understanding of IT and cyber industry standards and technologies, including controls governed by NIST, FISMA, and FedRAMP
  • Experience installing, utilizing, and developing with the Splunk App for Data Science and Deep Learning
  • Experience installing, utilizing, and developing with the Splunk SOAR Automation toolset
  • Experience or background in the Cybersecurity, Systems/Network Administration, or Observability industry
