HHS - Sr. Splunk Engineer / Administrator jobs in United States

cFocus Software Incorporated · 5 hours ago

HHS - Sr. Splunk Engineer / Administrator

cFocus Software Incorporated is seeking a Sr. Splunk Engineer / Administrator to support the Department of Health and Human Services (HHS). The role involves administering and engineering a complex hybrid Splunk environment, ensuring compliance with logging requirements, and optimizing SIEM operations.

Chatbot, Government, Information Technology, Software
Growth Opportunities
No H1B, Security Clearance Required, U.S. Citizen Only

Responsibilities

Administer and engineer a complex hybrid Splunk environment supporting on-premises, IaaS, PaaS, SaaS, and multi-cloud platforms
Ensure logging and SIEM operations comply with OMB M-21-31 logging requirements including log categories, retention, and visibility
Design, implement, and maintain Splunk Core and Splunk Enterprise Security configurations
Perform data onboarding, parsing, normalization, and indexing optimization for diverse log sources
Develop, tune, and maintain correlation searches, detections, dashboards, and alerts to support SOC operations
Integrate Splunk with HRSA cybersecurity tools including EDR, vulnerability management, SOAR, cloud platforms, and threat intelligence feeds
Monitor SIEM performance including ingestion rates, indexing efficiency, search latency, and storage utilization
Optimize searches, data models, accelerated reports, and summary indexing to improve performance
Develop and maintain Splunk apps, add-ons, and custom knowledge objects
Support users and stakeholders by providing ad hoc searches, reports, and dashboards
Implement SIEM changes following HRSA change management procedures with documented implementation and rollback plans
Patch, upgrade, and maintain Splunk infrastructure in accordance with HHS and HRSA standards
Develop and maintain SIEM SOPs, workflows, architecture diagrams, and technical documentation
Support audits and assessments by producing logging evidence, compliance dashboards, and audit-ready reports
Maintain SLA of responding to SIEM-related service requests within two (2) business days

Qualification

Splunk Core, Splunk Enterprise Security, SIEM administration, NIST compliance, Cloud integration, Splunk Certified Architect, Cybersecurity experience, Event correlation, Threat analytics, Technical documentation

Required

Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or related field
Minimum of 8 years of experience administering enterprise SIEM and logging platforms
Extensive hands-on experience with Splunk Core and Splunk Enterprise Security
Strong understanding of log management, event correlation, detection engineering, and threat analytics
Experience supporting federal cybersecurity environments and compliance requirements
Knowledge of NIST SP 800-53, NIST SP 800-92, FISMA, and OMB logging mandates
Experience integrating SIEM with cloud platforms (AWS, Azure) and security tools
Active Splunk Certified Architect or Administrator

Preferred

CISSP, GCIA, GCED, or GCIH

Company

cFocus Software Incorporated

cFocus Software automates FedRAMP compliance and develops government chatbots for the Azure Government Cloud, Office 365, and SharePoint.

Funding

Current Stage
Early Stage

Leadership Team

Manisha Griesinger, MPH, MSc
Program Manager | U.S. EPA Office of the Chief Financial Officer
Company data provided by crunchbase