True Zero Technologies
  • Washington, DC, USA
  • Full Time

full benefits package

True Zero Technologies is seeking a Senior Splunk Architect to join their team. 

Location: Continental US/Remote/Travel 

Work remote/travel/local

Required Skills:

  • Splunk Architect or higher certification
  • Experience designing and implementing ground-up distributed Splunk installations including all Splunk server roles (Search Head, Indexers, Heavy Forwarders, Universal Forwarders, etc.)
  • Experience with advanced configuration of Splunk including Indexer Clustering and Search Head Clustering.
  • Experience developing custom Splunk content including scheduled searches, reports, dashboards, etc.
  • Proficient at data on-boarding activities including custom parsing rules, custom Technology Add-On building according to Splunk's Common Information Model (CIM).
  • Experience configuring indexes, index routing, retention policies, etc.
  • Experience working in Linux and Windows environments, ability to configure:
    • Storage subsystems (i.e. partitioning, Volume Groups, Logical Volumes, etc.)
    • SELinux
    • Familiarity with different flavors of Linux distros (RedHat, CentOS, Ubuntu, etc.)
    • File Permission Settings (Linux/Windows)
  • Understanding of Syslog configuration principles, ideally in Syslog-NG and RSyslog configurations.
  • Excellent written and oral skills, ability to work closely with multiple customers, manage expectations, and track engagement scope.
  • Ability to efficiently and accurately track expenses, receipts, and submit expense reports on time.
  • Ability to lead consulting efforts in a solo fashion with little oversight, manage time efficiently based on pre-defined tasks and timelines.
  • Willingness to travel up to 75% for engagements within the Continental United States.


Ideal Skills:

  • Splunk Consultant Certification
  • Cloud experience (AWS, Azure, etc.)
  • Development and API experience (Python, Perl, XML)
  • SaltStack, Ansible, and other enterprise automation tool experience.
  • Hardware experience and storage experience (SAN, NAS, etc.)
  • Prior consulting experience



The candidate will be responsible for delivering on Professional Service engagements on behalf of our partner Splunk as well as direct engagements by True Zero.  Engagements will vary in size and complexity and will provide the candidate with ample opportunity to expand their own skill sets working in a diverse and dynamic services environment.  Engagements will require travel with potential remote and local work as well.  Candidates will be expected to be self-driven and self-managed on engagements, managing customer expectations and acting as a subject matter expert on the Splunk platform, ensuring the customer receives the proper guidance and technical hands-on support needed to meet each engagement's requirements.  Daily tasks include implementing Splunk Enterprise and associated "apps" both free and premium (Enterprise Security and ITSI), providing capacity planning documentation and performing knowledge transfer throughout the engagement.  Engagement deliverables include both daily and weekly status reports to ensure clients can easily monitor progress, issues, and roadblocks.  Candidates will also be expected to track all expenses/receipts and submit expense reports on a weekly schedule.


As a TZT consultant, the candidate will receive access to the full knowledge base which is driven by the TZT community as well as the technical backing of the entire PS team.  TZT encourages collaboration and growth through information sharing and knowledge workshops.  The candidate will also have access to our internal Slack channel to stay connected with the team as well as the necessary tools to train, demo, test and grow their professional skills.


Type of experience required for the job:

U.S. Citizenship is required as this is in support of a Federal Customer.  The role calls for a Splunk Architect who has the necessary certifications and years of experience to design, implement, maintain, and troubleshoot the Splunk Enterprise logging platform.  Candidates with experience in premium apps such as the Enterprise Security SIEM app and IT Service Intelligence app will be given priority.  Splunk Architects must possess a broad range of technical acumen including operating system configuration, storage subsystem understanding, networking principles, and integration methodologies.

