Posted Mar 31, 2026

Senior Splunk Cloud Engineer

Location: Remote, within the United States

Security Clearance Requirements:
- Ability to obtain and maintain a Public Trust or higher clearance
- Active clearance preferred

Position Overview:
ACI Solutions is seeking a Senior Splunk Cloud Engineer to support enterprise-level logging, monitoring, and cybersecurity operations within a U.S. Government / FedRAMP-compliant environment. This role is responsible for administering, optimizing, and securing Splunk Cloud infrastructure while supporting mission-critical systems and SOC operations. The ideal candidate brings deep Splunk Cloud expertise, hands-on experience in federal environments, and the ability to operate within the Splunk Cloud shared responsibility model.

Experience Requirements:
- 10+ years of overall IT experience (systems, cloud, or cybersecurity engineering)
- 5+ years of hands-on Splunk experience
- 3+ years of hands-on Splunk Cloud experience
- Proven experience supporting U.S. Government or FedRAMP environments
- Strong expertise in:
  - Splunk SPL (Search Processing Language)
  - Log ingestion, parsing, and normalization
  - Cloud platforms (AWS, Azure, or GCP)
- Experience with:
  - SIEM operations and SOC support
  - Identity federation (SAML/SSO)
  - RBAC and security best practices

Preferred Qualifications:
- Splunk certifications (e.g., Splunk Enterprise Certified Architect, Splunk Cloud Certified)
- Familiarity with compliance frameworks (FedRAMP, NIST 800-53)
- Experience working within Splunk Cloud shared responsibility model
- Knowledge of DevOps / Infrastructure as Code practices

Job Responsibilities:

Splunk Cloud Administration
- Administer and maintain Splunk Cloud environments, including search heads and index configurations
- Manage forwarders (Universal, Intermediate, Heavy) and deployment server configurations
- Configure identity federation (SAML/SSO) and Role-Based Access Controls (RBAC)
- Manage private app deployments through Splunk Cloud vetting processes
- Coordinate with Splunk Cloud Support for upgrades, scaling, and infrastructure issues

Data Ingestion & Integration
- Design and maintain secure ingestion pipelines using:
  - HTTP Event Collector (HEC)
  - APIs and cloud-native connectors
  - Universal Forwarders
- Onboard and normalize data from:
  - AWS, Azure, GCP environments
  - Security tools (EDR, IDS/IPS, firewalls)
  - Enterprise applications and SaaS platforms
- Monitor ingestion volume and license utilization
- Implement index lifecycle and retention strategies

Dashboards, Analytics & SIEM Support
- Develop dashboards, reports, alerts, and correlation searches
- Optimize SPL queries for performance and efficiency
- Maintain data models, lookups, and knowledge objects
- Reduce false positives and enhance alert reliability

Monitoring & Performance Optimization
- Monitor ingestion rates, search performance, and storage utilization
- Troubleshoot data delays, parsing issues, and search failures
- Implement workload management and performance tuning strategies
- Prevent license overages through proactive monitoring

Security & Compliance (FedRAMP Focus)
- Maintain least-privilege access controls and RBAC policies
- Support compliance efforts (FedRAMP, NIST, etc.)
- Assist with audit preparation and documentation
- Partner with SOC teams on SIEM tuning and log onboarding

Why ACI Solutions?
At ACI, you’re more than just a team member; you’re part of a mission-driven organization that supports critical government initiatives. We provide:
- Strong leadership access and support
- Career growth and training opportunities ($2,000/year training benefit)
- Wellness benefits including gym reimbursement
- A collaborative, people-first culture