
Splunk SME

Job in Baltimore, Anne Arundel County, Maryland, 21276, USA
Listing for: Purple Drive LLC
Full Time position
Listed on 2026-01-16
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly
Job Description & How to Apply Below

Role: Splunk SOAR & Splunk Engineer/SME

Location: Baltimore, MD

Key Responsibilities

  • Design, develop, and maintain automated playbooks using Splunk SOAR (Phantom) to streamline SOC workflows.
  • Integrate SOAR with security tools, IT systems, ticketing platforms, and threat intelligence feeds.
  • Administer and optimize Splunk Enterprise in distributed, high-ingest environments.
  • Implement Splunk best practices for indexing, data models, SPL optimization, and knowledge objects.
  • Manage data ingestion and routing using Cribl, and leverage Redis for caching and enrichment.
  • Develop SQL-based integrations for data correlation, enrichment, and reporting.
  • Collaborate with SOC and IT teams to align automation with detection and response strategies.
  • Monitor Splunk platform health, scalability, and redundancy.

Essential Skills

  • 5+ years of hands‑on experience with Splunk Enterprise, including multi‑TB daily ingest environments.
  • 2+ years of Splunk SOAR (Phantom) playbook design and development experience.
  • Advanced SPL knowledge, search optimization, and object management.
  • Strong experience with Cribl, Redis, and SQL for data ingestion, enrichment, and correlation.
  • Proficiency in Python (JSON/XML parsing, API integrations, regex); familiarity with PowerShell and Bash.
  • Experience integrating REST APIs with OAuth and key-based authentication.
  • Solid understanding of SOC operations, cybersecurity fundamentals, and MITRE ATT&CK framework.
  • Strong knowledge of Linux/Unix administration, networking concepts, and authentication systems.
  • Experience with Git/version control systems.
  • Splunk Certified Admin and Splunk SOAR Developer certifications.

Nice-to-Have Skills

  • Threat intelligence integrations (TAXII, MISP, Recorded Future).
  • Experience with Splunk upgrades and platform migrations.
  • Knowledge of Splunk MLTK, UBA, ITSI.
  • Understanding of data lifecycle management (compliance, retention, normalization).
  • Familiarity with Docker, Kubernetes, and DevOps practices.
  • Knowledge of Zero Trust security architecture.

Experience Required

  • 10+ years overall IT/Security experience.