Splunk Architect / Subject Matter Expert (SME) at ECS

Location Information: Work from home, VA.

ECS is seeking a Splunk Architect / Subject Matter Expert (SME) to work remotely.

Please Note: This position is contingent upon contract award.

ECS Federal is seeking an experienced Splunk Architect to design, build, and optimize an integrated Splunk SOAR + UBA + Core environment with automated compliance via Qmulos Q-Compliance/Q-Audit for a long-term Federal program. You will lead hybrid (remote-first) engineering efforts that advance the client toward OMB M-21-31 Event Logging Level 3 while mapping evidence to NIST 800-53, FISMA, and NERC CIP.

Position Responsibilities:

- Architect & Engineer Splunk Core, SOAR, and UBA tiers; develop data-ingest blueprints and high-level architecture.
- Automate Compliance using Q-Compliance/Q-Audit to map controls and produce real-time dashboards.
- Develop SOAR Playbooks & UBA Models for privileged-account misuse, lateral movement, and OT/IT segmentation alerts.
- Integrate OT Log Sources via secure one-way transfers and document risk mitigations.
- Lead Workshops & Knowledge Transfer sessions; create Section 508-compliant diagrams and runbooks.
- Mentor BPA analysts and junior engineers on Splunk best practices and compliance automation.

Salary Range: $150,000 - $190,000

General Description of Benefits

Qualifications

Hands-on Experience:

- 3+ years architecting Splunk Enterprise / Splunk SOAR (Phantom) solutions in federal or critical-infrastructure settings.
- 2+ years deploying Splunk UBA and Qmulos Q-Compliance/Q-Audit, including control mapping to NIST/FedRAMP.
- Proven ability to automate compliance evidence for OMB M-21-31, NIST RMF, and EO 14028 objectives.
- Strong stakeholder-engagement, documentation, and briefing skills suitable for C-suite and COR audiences.

Clearance Requirement:

- U.S. citizenship and eligibility to obtain a DOE public-trust (Q level) clearance; sponsorship provided.

Certifications / Licenses:

- Bachelor's degree in Computer Science, Cybersecurity, Engineering, or related discipline (or equivalent experience).
- Active Splunk certifications: Splunk Core Certified Admin and Splunk SOAR Certified Automation Developer.
- Preferred: Splunk Certified Architect, CISSP, CISM, or Qmulos Certified Professional.