
Splunk Architect Enterprise Security Specialist

Remote: Full Remote
Experience: Senior (5-10 years)

Offer summary

Qualifications:

5-10 years of Splunk Cloud experience, Proficient in federal compliance frameworks, Expertise with Splunk ES and SOAR, Strong knowledge of data ingestion, Experience in gap assessments.

Key responsibilities:

  • Lead Splunk Cloud design and deployment
  • Optimize security solutions for customers
  • Develop dashboards and SOAR playbooks
  • Perform gap assessments and recommend improvements
  • Align with federal security requirements
Quzara LLC (Computer Hardware & Networking startup, 11-50 employees): https://quzara.com/

Job description

Job Title: Splunk Architect Enterprise Security Specialist

Pay Type: SALARIED EXEMPT

Location: Remote


About Quzara:

Quzara LLC is an innovative cybersecurity company offering leading-edge compliance and security services. Through our Cybertorch™ platform, we provide managed detection and response (MDR), security operations, and compliance services, with a focus on federal agencies and private organizations seeking robust security solutions. Join us to make an impact in the evolving world of security, compliance, and technology.


Summary of Position Role/Responsibilities

We are seeking a highly experienced Splunk Architect with 5-10 years of Splunk Cloud expertise, including hands-on knowledge of Enterprise Security (ES), SOAR, data ingestion, and dashboard development. This role demands proficiency in federal compliance frameworks (M-2131, NIST, CMMC) and gap assessments, providing customer recommendations and strategic roadmaps. The successful candidate will design and implement cutting-edge security solutions to enhance data visibility and automate threat detection for both enterprise and government environments.


Essential Functions of the Job

  • Splunk Cloud Architecture & Deployment:
    1. Lead the design, deployment, and management of Splunk Cloud environments, ensuring performance, scalability, and reliability.
    2. Migrate on-premises Splunk deployments to Splunk Cloud, ensuring seamless data flow, minimal disruption, and security compliance.
    3. Manage and optimize Splunk Cloud services, ensuring integration with enterprise data sources and hybrid environments.
    4. Stay current with Splunk Cloud innovations to enhance functionality and performance through regular updates and best practices.
  • Enterprise Security (ES) & SOAR:
    1. Architect and deploy Splunk Enterprise Security (ES) to support real-time threat monitoring, advanced correlation, and incident response.
    2. Develop and optimize SOAR playbooks to automate workflows and incident responses, reducing manual effort for SOC teams.
    3. Ensure that security analytics align with Zero Trust architecture and other government mandates.
  • Data Ingestion & Dashboard Development:
    1. Design robust data ingestion pipelines for cloud and hybrid environments, integrating data from multiple sources (Syslog, APIs, databases, SaaS platforms).
    2. Develop custom dashboards, visualizations, and reports to meet enterprise and government compliance requirements.
    3. Maintain data models to support high-performance searches and analytics, ensuring scalability across large datasets.
  • Gap Assessment & Customer Recommendations:
    1. Perform comprehensive gap assessments of existing Splunk implementations, identifying weaknesses and opportunities for improvement.
    2. Provide strategic recommendations, roadmaps, and timelines to enhance security posture and optimize Splunk Cloud performance.
    3. Work closely with customers to remediate gaps, ensuring alignment with NIST 800-53, CMMC, M-2131, and other frameworks.
  • Federal Security & M-2131 Compliance:
    1. Ensure all Splunk deployments meet OMB M-2131 directives and align with federal security requirements, including NIST 800-53 and CMMC Level 2/3.
    2. Collaborate with government security teams to implement Zero Trust principles within Splunk Cloud environments.
    3. Support incident response workflows to align with FedRAMP, FIPS, and other federal data protection policies.
  • Collaboration & Leadership:
    1. Lead cross-functional teams, including SOC analysts, engineers, and compliance specialists, to implement security solutions.
    2. Provide mentoring and guidance to junior team members and Splunk developers to build internal expertise.
    3. Collaborate with product managers, customers, and compliance experts to align solutions with business needs and security frameworks.


Normal Work Schedule

This is a full-time position. Standard business hours are Monday through Friday 8:30 AM to 5:30 PM. Additional time outside of these hours may be needed to complete the essential functions of the job.

Education, Training, and Experience

  • 5-10 years of Splunk Cloud experience, including architecture, deployment, and optimization.
  • Proven success in migrating on-premises environments to Splunk Cloud and maintaining hybrid deployments.
  • Expertise with Splunk Enterprise Security (ES) and SOAR for security monitoring, orchestration, and automation.
  • Deep knowledge of data ingestion frameworks, including cloud-based data sources (AWS, Azure, SaaS) and log management.
  • Strong experience building dashboards, alerts, and visualizations tailored to enterprise and federal requirements.
  • Hands-on experience with gap assessments, roadmaps, and customer recommendations.
  • Familiarity with federal frameworks, including OMB M-2131, NIST 800-53, CMMC, Zero Trust, and FedRAMP.
  • Proficiency with incident response workflows and automation using SOAR playbooks.
  • Strong understanding of Linux, networking, and cloud services (AWS, Azure, or others).


Preferred Qualifications:

  • Splunk Certified Architect or Enterprise Security Certified Admin.
  • Experience working with MDR tools and services for federal agencies.
  • Familiarity with the MITRE ATT&CK framework and threat intelligence platforms.
  • Practical knowledge of SIEM integrations and compliance tools like Cybertorch™ or equivalent.

Soft Skills:

  • Strong analytical and problem-solving skills with a focus on performance optimization.
  • Excellent communication and interpersonal skills, with the ability to engage both technical and non-technical stakeholders.
  • Demonstrated leadership skills and the ability to drive complex projects from initiation to completion.
  • Ability to work independently and collaboratively in a fast-paced environment.

Why Join Quzara?

  • Opportunity to work on high-impact federal projects and cutting-edge technologies.
  • Be part of a mission-driven team shaping the future of cybersecurity and compliance.
  • Competitive salary, benefits, and professional development opportunities.
  • Flexible work environment with remote work options.

EEO Statement

The Company is an Equal Employment Opportunity (EEO) employer and does not discriminate based on race, color, religion, sex, sexual orientation, national origin, age, marital status, disability, veteran status, or any other basis protected by applicable discrimination laws.

Required profile

Experience

Level of experience: Senior (5-10 years)
Industry: Computer Hardware & Networking
Spoken language(s): English

Other Skills

  • Problem Solving
  • Social Skills
  • Analytical Skills
  • Leadership
  • Verbal Communication Skills
