
Splunk Architect

Job Description

The CDM Program is managed within the DHS National Protection and Programs Directorate (NPPD)/Office of Cybersecurity and Communications (CS&C)/Network Security Deployment (NSD) Division, responsible for enhancing the security, resilience, and reliability of the Nation’s cyber and communications infrastructure. The DHS CDM Program mission is to safeguard and secure cyberspace in an environment where the threat of cyber-attack is continuously growing and evolving. The CDM Program defends the United States (U.S.) Federal Information Technology (IT) networks from cybersecurity threats by providing continuous monitoring sensors (tools), diagnosis, mitigation tools, and associated services to strengthen the security posture of Government networks.

The CDM Solution uses Splunk as its SIEM. This role is to be the recognized subject matter expert for configuring and administering the Splunk instance(s) that underpin the overall solution, including configuring the associated data feeds. This role also provides feedback for continuous improvement based on architectural enhancements. Since Splunk is the integration point of the CDM Solution, this position will work very closely with the other elements of the solution (i.e. the tools and sensors, the orchestration engine and the dashboards) to ensure overall functionality.

There is no clearance requirement to begin employment. However, as a requirement of continued employment in this position you will be required to obtain a Secret clearance.

What You’ll Get to Do:

  • Architect, design, set up and configure Splunk search servers, deployment servers, clustered indexers, and forwarders, as required
  • Design, configure and establish incoming index feeds from many disparate cyber security tools across the DHS Enterprise, including Operating System and Application level logging.
  • Design, configure and build a complex operations dashboard to monitor the CDM Solution Environment, including data integrity and quality checks
  • Design, configure and build output feeds for RSA Archer to consume based on the CDM Data Model.
  • Create the procedures and supervise the migration from the current distributed environment into the new consolidated environment.
  • Demonstrate innovative influence for projects
  • Problems faced are difficult and often complex
  • Communicates with parties within and outside of own job function

More About the Role:

  • Prepare status reports at least weekly and monthly and complete other reporting requirements as required
  • Provide QA for team members’ work
  • Responsible for developing, coordinating and maintaining the relevant portions of the Service Operations Handbook and holding team members accountable for following published SOPs.
  • Track and report on team’s performance via formal performance metrics
  • Responsible for providing guidance, coaching and training to other employees within technical discipline

You’ll Bring These Qualifications:

  • There is no clearance requirement to begin employment. However, as a requirement of continued employment in this position you will be required to obtain a Secret clearance.
  • US Citizenship required
  • Must meet eligibility requirements for access to classified information and be clearable to a Department of Homeland Security (DHS) EOD clearance. Active DoD clearance preferred
  • BA/BS or equivalent years of experience and 10+ Years of relevant experience
  • Certification: Splunk Certified Architect
  • Demonstrated experience designing and implementing Enterprise level Clustered Splunk environments consuming data from many different sources.
  • Demonstrated experience designing and building complex dashboards based on Splunk to include complex logic, workflows and data transformation.
  • Demonstrated experience building and maintaining a complex data model to normalize incoming data sources.
  • Demonstrated knowledge of ITIL processes and experience leading a Cyber Operations Team using those processes

These Qualifications Would be Nice to Have:

  • Working knowledge of Cyber Security tools like the McAfee and Symantec Suites, Tenable Nessus, ForeScout, RSA Archer
  • Agile developmental experience
  • Relevant DHS or .Gov Cyber Security focused experience
  • Clear and proven communicator and technical leader.  Must be able to work well in an environment where they are facilitating a large group of government and other contractor personnel to achieve a common goal.
  • Detail oriented – must be able to recognize critical elements of successful operations and then hold themselves and their teams accountable for meeting those critical elements.
  • Flexibility – The environment is very dynamic.  The Engineering Manager will be expected to keep up with the changing environment while ensuring a high level of operational effectiveness
  • Team Player – This role is part of a much larger team. The engineering manager will be expected to grow and develop their subordinate team members’ morale and wellbeing as well as support the overall Operations Team and Team CACI’s mission.

What We Can Offer You:

- We’ve been named a Best Place to Work by the Washington Post.

- Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.

- We offer competitive benefits and learning and development opportunities.

- We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.

- For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.



CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.

Job Location: Chantilly, Virginia, United States
Security Clearance: Not Specified
