
Splunk Architect

Coalfire Systems
Westminster, CO 80021

Coalfire is an EEO employer. We celebrate diversity and are committed to respecting one another, embracing individual differences, and creating an inclusive environment for all employees.

Splunk Architect


Job ID: 2020-3324
Type: Regular Full-Time
# of Openings: 1
Category: Solutions Engineering


Coalfire is the cybersecurity advisor that helps private and public sector organizations avert threats, close gaps, and effectively manage risk. Our professionals are among the most talented in the industry, and each and every day, they strive to provide the unbiased assessments, advice, and innovative solutions that help our clients meet their specific challenges and build long-term strategies to protect their organizations. For nearly 20 years, we've been on the cutting-edge of one of the world's most important industries and we're committed to making the world a safer place by solving our clients' toughest security challenges.


  • Serve as a technical task or project leader in the development of best-of-breed SIEM deployments
  • Design, deploy and optimize scalable Splunk architectures in AWS, Azure, GCP and on-premise environments for high-profile clients, including the Fortune 50
  • Be responsible for centralizing log ingest and establishing professional quality monitoring, dashboarding, and alerting of all client-related events within the system boundary
  • Perform highly specialized technical tasks associated with cutting-edge Splunk deployment methods including infrastructure-as-code (IaC)
  • Develop bespoke capabilities to manipulate data and implement high-quality user interfaces within the native Splunk tooling to meet client use cases
  • Execute the deployment, configuration, and optimization of Splunk Enterprise Security (ES)
  • Support data on-boarding and create or enhance field extractions and add-ons for commonly used fields
  • Create scripts as appropriate to retrieve information from external sources, or from the SIEM itself
  • Provide routine reporting from the aforementioned technical implementation and improvements of the dashboards, portals, field extractions, and add-ons
  • Maintain current knowledge of relevant developments in leading SIEM technologies
  • Create formal documentation such as reports, training material, slide decks, and architecture diagrams
  • Communicate with client stakeholders to include leadership, support teams, and system administrators
  • Provide guidance to junior engineers and clients by advising on Splunk and SIEM best practices
  • Participate in internal and external security trainings and conferences


  • BS or above in related Information Technology field or equivalent combination of education and experience
  • Splunk Certified Admin, Splunk Certified Architect (preferred), or Splunk Certified Consultant (I/II)
  • 3+ years of direct experience with Splunk performing deployments and optimization of all components (Indexers, Search Heads, Deployment Servers, Cluster Masters, Universal Forwarders, etc.)
  • 5+ years of direct experience with Linux and/or Windows system administration and cyber security
  • Heavy experience with distributed Splunk environments (not single-box deployment)
  • Experience deploying and configuring Splunk Enterprise Security (Splunk ES)
  • Strong proficiency in Bash
  • Demonstrated public cloud best-practice experience (AWS, Azure, GCP, etc.)
  • Knowledge of cloud-native system monitoring, notifications, and logging tools (e.g. Icinga, CloudWatch, Tivoli, Vegas, CloudFront, Logstash, etc.)
  • Experience working within technical teams of 3-7 individuals in an Agile environment
  • Excellent communication, organizational, and problem-solving skills
  • Effective documentation skills, to include technical diagrams and written descriptions
  • Ability to work independently and as part of a team with professional attitude and demeanor
  • Critical thinking, and ability to balance security requirements with mission needs
  • Ability to work quickly, efficiently and accurately in a dynamic and fluid environment




Posted: 2020-06-20 Expires: 2020-07-21
