Job Description
Make a difference here.
UltraViolet Cyber is a leading platform-enabled unified security operations company providing a comprehensive suite of security operations solutions. Founded and operated by security practitioners with decades of experience, the UltraViolet Cyber security-as-code platform combines technology innovation and human expertise to make advanced real-time cybersecurity accessible for all organizations by eliminating risks of separate red and blue teams.
By creating continuously optimized identification, detection, and resilience from today’s dynamic threat landscape, UltraViolet Cyber provides both managed and custom-tailored unified security operations solutions to the Fortune 500, Federal Government, and Commercial clients. UltraViolet Cyber is headquartered in McLean, Virginia, with global offices across the U.S. and in India.
The Senior Principal Splunk SME serves as the technical authority for the design, deployment, and optimization of large-scale Splunk environments in federal cybersecurity missions. This role leads architecture decisions across Splunk Enterprise and Enterprise Security (ES), with deep expertise in SIEM operations, observability, and high-performance data ingestion across AWS and hybrid cloud environments. The SME supports development of security monitoring content, and ensures platform alignment with federal compliance mandates. Beyond hands-on engineering, this position mentors junior staff, guides technical governance, and advises senior stakeholders on Splunk strategy and roadmap maturity.
What You’ll Do:
_Architecture & Design_ Design and implement distributed, high-performance Splunk Enterprise and ES architectures spanning on-premises and hybrid cloud environments. Define indexer clustering, search head clustering, and forwarder topologies to meet mission-scale ingestion and availability requirements.
_Engineering & Optimization_ Build and optimize data ingestion pipelines, develop data models, and tune search performance for reliability and scalability. Develop custom TAs and field extractions for diverse federal log sources including endpoints, network devices, cloud platforms, and security tools.
Security & Compliance Ensure platform compliance with FISMA, NIST RMF, M-21-31 log retention mandates, CDM program requirements, and FedRAMP authorization boundaries.
_Strategy & Leadership_ Provide technical governance over Splunk platform decisions and roadmap evolution. Mentor junior engineers on SPL, data onboarding, and ES content development. Collaborate with SOC, network, and IT teams to align Splunk capabilities with operational and mission objectives.
The ideal candidate possesses strong analytical and troubleshooting skills, with the ability to diagnose complex technical issues and rapidly develop practical, effective solutions. This role requires someone who can clearly articulate findings and recommended actions to leadership to support informed decision‑making. The candidate must also be adept at working within a structured change‑management framework and ensuring full compliance with applicable government oversight and governance requirements.
The candidate must be able to engage effectively with non‑technical stakeholders, guiding them through complex processes and operational steps in a clear, patient, and structured manner. This includes translating technical concepts into accessible language, ensuring stakeholders understand required actions, and providing steady support to help them successfully complete tasks.
What You’ve Done:
- US Citizenship is Required
- Ability to pass a DHS EOD Clearance
- Bachelor’s degree plus 10 years of relevant experience, or Master’s degree plus 15 years.
- 10+ years of Splunk experience in a large clustered environment.
- Demonstrated expertise in Splunk administration and architecture, Linux administration, cloud platforms (AWS/Azure), scripting, and log parsing.
- Splunk Architect certifications required; Splunk ES Certified Admin
- Cribl Admin certification preferred.
- Public Trust eligibility required
- [Secret clearance preferred]
What We Offer:
- 401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed
- Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment)
- Group Term Life, Short-Term Disability, Long-Term Disability
- Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness
- Participation in the Discretionary Time Off (DTO) Program
- 11 Paid Holidays Annually
$180,000 - $240,000 a year
UltraViolet Cyber maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect our company’s differing products, services, industries and lines of business. Candidates are typically placed into the range based on the preceding factors.
We sincerely thank all applicants in advance for submitting their interest in this position. We know your time is valuable.
UltraViolet Cyber welcomes and encourages diversity in the workplace regardless of race, gender, religion, age, sexual orientation, gender identity, disability, or veteran status.
If you want to make an impact, UltraViolet Cyber is the place for you!
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
