ECS Limited
Splunk Architect / Subject Matter Expert (SME)
ECS Limited, Virginia Beach, Virginia, us, 23450
ECS is seeking a Splunk Architect / Subject Matter Expert (SME) to work remotely.
Please Note: This position is contingent upon contract award.
ECS Federal is seeking an experienced Splunk Architect to design, build, and optimize an integrated Splunk SOAR + UBA + Core environment with automated compliance via Qmulos Q-Compliance/Q-Audit for a long-term Federal program. You will lead hybrid (remote-first) engineering efforts that advance the client toward OMB M-21-31 Event Logging Level 3 while mapping evidence to NIST 800-53, FISMA, and NERC CIP.
Position Responsibilities:
Architect & Engineer Splunk Core, SOAR, and UBA tiers; develop data-ingest blueprints and high-level architecture.
Automate Compliance using Q-Compliance/Q-Audit to map controls and produce real-time dashboards.
Develop SOAR Playbooks & UBA Models for privileged-account misuse, lateral movement, and OT/IT segmentation alerts.
Integrate OT Log Sources via secure one-way transfers and document risk mitigations.
Lead Workshops & Knowledge Transfer sessions; create Section 508-compliant diagrams and runbooks.
Mentor BPA analysts and junior engineers on Splunk best practices and compliance automation.
Salary Range: $150,000 - $190,000
General Description of Benefits
Hands-on Experience:
3+ years architecting Splunk Enterprise / Splunk SOAR (Phantom) solutions in federal or critical-infrastructure settings.
2+ years deploying Splunk UBA and Qmulos Q-Compliance/Q-Audit, including control mapping to NIST/FedRAMP.
Proven ability to automate compliance evidence for OMB M-21-31, NIST RMF, and EO 14028 objectives.
Strong stakeholder-engagement, documentation, and briefing skills suitable for C-suite and COR audiences.
Clearance Requirement: U.S. citizenship and eligibility to obtain a DOE public-trust (Q level) clearance; sponsorship provided.
Certifications / Licenses:
Bachelor's degree in Computer Science, Cybersecurity, Engineering, or related discipline (or equivalent experience).
Active Splunk certifications: Splunk Core Certified Admin and Splunk SOAR Certified Automation Developer.
Preferred: Splunk Certified Architect, CISSP, CISM, or Qmulos Certified Professional.