Senior Splunk Cloud Engineer
Location: Remote, within the United States

Security Clearance Requirements:
- Ability to obtain and maintain a Public Trust or higher clearance
- Active clearance preferred

Position Overview:
ACI Solutions is seeking a Senior Splunk Cloud Engineer to support enterprise-level logging, monitoring, and cybersecurity operations within a U.S. Government / FedRAMP-compliant environment. This role is responsible for administering, optimizing, and securing Splunk Cloud infrastructure while supporting mission-critical systems and SOC operations.

The ideal candidate brings deep Splunk Cloud expertise, hands-on experience in federal environments, and the ability to operate within the Splunk Cloud shared responsibility model.

Experience Requirements:
- 10+ years of overall IT experience (systems, cloud, or cybersecurity engineering)
- 5+ years of hands-on Splunk experience
- 3+ years of hands-on Splunk Cloud experience
- Proven experience supporting U.S. Government or FedRAMP environments
- Strong expertise in:
  - Splunk SPL (Search Processing Language)
  - Log ingestion, parsing, and normalization
  - Cloud platforms (AWS, Azure, or GCP)
- Experience with:
  - SIEM operations and SOC support
  - Identity federation (SAML/SSO)
  - RBAC and security best practices

Preferred Qualifications:
- Splunk certifications (e.g., Splunk Enterprise Certified Architect, Splunk Cloud Certified)
- Familiarity with compliance frameworks (FedRAMP, NIST 800-53)
- Experience working within the Splunk Cloud shared responsibility model
- Knowledge of DevOps / Infrastructure as Code practices

Job Responsibilities:

Splunk Cloud Administration
- Administer and maintain Splunk Cloud environments, including search heads and index configurations
- Manage forwarders (Universal, Intermediate, Heavy) and deployment server configurations
- Configure identity federation (SAML/SSO) and Role-Based Access Controls (RBAC)
- Manage private app deployments through Splunk Cloud vetting processes
- Coordinate with Splunk Cloud Support for upgrades, scaling, and infrastructure issues

Data Ingestion & Integration
- Design and maintain secure ingestion pipelines using:
  - HTTP Event Collector (HEC)
  - APIs and cloud-native connectors
  - Universal Forwarders
- Onboard and normalize data from:
  - AWS, Azure, GCP environments
  - Security tools (EDR, IDS/IPS, firewalls)
  - Enterprise applications and SaaS platforms
- Monitor ingestion volume and license utilization
- Implement index lifecycle and retention strategies

Dashboards, Analytics & SIEM Support
- Develop dashboards, reports, alerts, and correlation searches
- Optimize SPL queries for performance and efficiency
- Maintain data models, lookups, and knowledge objects
- Reduce false positives and enhance alert reliability

Monitoring & Performance Optimization
- Monitor ingestion rates, search performance, and storage utilization
- Troubleshoot data delays, parsing issues, and search failures
- Implement workload management and performance tuning strategies
- Prevent license overages through proactive monitoring

Security & Compliance (FedRAMP Focus)
- Maintain least-privilege access controls and RBAC policies
- Support compliance efforts (FedRAMP, NIST, etc.)
- Assist with audit preparation and documentation
- Partner with SOC teams on SIEM tuning and log onboarding

Why ACI Solutions?
At ACI, you’re more than just a team member; you’re part of a mission-driven organization that supports critical government initiatives. We provide:
- Strong leadership access and support
- Career growth and training opportunities ($2,000/year training benefit)
- Wellness benefits including gym reimbursement
- A collaborative, people-first culture