Senior Splunk Cloud Engineer

Location: Remote, within the United States

Security Clearance Requirements: 

Position Overview:  

ACI Solutions is seeking a Senior Splunk Cloud Engineer to support enterprise-level logging, monitoring, and cybersecurity operations within a U.S. Government / FedRAMP-compliant environment. This role is responsible for administering, optimizing, and securing Splunk Cloud infrastructure while supporting mission-critical systems and SOC operations.

The ideal candidate brings deep Splunk Cloud expertise, hands-on experience in federal environments, and the ability to operate within the Splunk Cloud shared responsibility model.

Experience Requirements:

• 10+ years of overall IT experience (systems, cloud, or cybersecurity engineering)
• 5+ years of hands on Splunk experience
• 3+ years of hands-on Splunk Cloud experience
• Proven experience supporting U.S. Government or FedRAMP environments
• Strong expertise in:
  • Splunk SPL (Search Processing Language)
  • Log ingestion, parsing, and normalization
  • Cloud platforms (AWS, Azure, or GCP)
• Experience with:
  • SIEM operations and SOC support
  • Identity federation (SAML/SSO)
  • RBAC and security best practices

Preferred Qualifications:

• Splunk certifications (e.g., Splunk Enterprise Certified Architect, Splunk Cloud Certified)
• Familiarity with compliance frameworks (FedRAMP, NIST 800-53)
• Experience working within Splunk Cloud shared responsibility model
• Knowledge of DevOps / Infrastructure as Code practices

Job Responsibilities:

Splunk Cloud Administration

• Administer and maintain Splunk Cloud environments, including search heads and index configurations
• Manage forwarders (Universal, Intermediate, Heavy) and deployment server configurations
• Configure identity federation (SAML/SSO) and Role-Based Access Controls (RBAC)
• Manage private app deployments through Splunk Cloud vetting processes
• Coordinate with Splunk Cloud Support for upgrades, scaling, and infrastructure issues

Data Ingestion & Integration

• Design and maintain secure ingestion pipelines using:
  • HTTP Event Collector (HEC)
  • APIs and cloud-native connectors
  • Universal Forwarders
• Onboard and normalize data from:
  • AWS, Azure, GCP environments
  • Security tools (EDR, IDS/IPS, firewalls)
  • Enterprise applications and SaaS platforms
• Monitor ingestion volume and license utilization
• Implement index lifecycle and retention strategies

Dashboards, Analytics & SIEM Support

• Develop dashboards, reports, alerts, and correlation searches
• Optimize SPL queries for performance and efficiency
• Maintain data models, lookups, and knowledge objects
• Reduce false positives and enhance alert reliability

Monitoring & Performance Optimization

• Monitor ingestion rates, search performance, and storage utilization
• Troubleshoot data delays, parsing issues, and search failures
• Implement workload management and performance tuning strategies
• Prevent license overages through proactive monitoring

Security & Compliance (FedRAMP Focus)

• Maintain least-privilege access controls and RBAC policies
• Support compliance efforts (FedRAMP, NIST, etc.)
• Assist with audit preparation and documentation
• Partner with SOC teams on SIEM tuning and log onboarding

Why ACI Solutions?

At ACI, you’re more than just a team member; you’re part of a mission-driven organization that supports critical government initiatives. We provide:

• Strong leadership access and support
• Career growth and training opportunities ($2,000/year training benefit)
• Wellness benefits including gym reimbursement
• A collaborative, people-first culture