Splunk Cyber Security Analyst 1, 2, Senior
Job description
The OT Splunk Administrator manages and optimizes SRP's Splunk platform to support Operational Technology (OT) environments. The role enhances OT visibility, ensures dependable logging for security and compliance, and empowers operational teams with accurate, trustworthy data. As the primary owner of the OT Splunk environment, this position leads platform reliability, data ingestion quality, and content development, partnering closely with enterprise and OT cyber security and compliance teams.
What You'll Do
- Lead the administration, maintenance, and technical direction of the OT Splunk platform, ensuring availability, performance, and resilience.
- Modernize OT logging strategy by improving data quality, optimizing ingestion pathways, and strengthening internal controls.
- Onboard and validate OT data sources supporting operational visibility, security detection, and regulatory expectations.
- Build and maintain dashboards, alerts, and searches supporting OT monitoring and compliance frameworks.
- Serve as the subject matter expert for log health, pipeline performance, ingestion reliability, and troubleshooting.
- Partner with OT security analysts and compliance functions to provide evidence, extracts, and defensible log information as needed.
- Support incident analysis by assisting with queries, timelines, and data availability.
- Participate in general team operational responsibilities, including systems administration, firewall administration (such as lifecycle tasks and communication troubleshooting), and administration of critical authentication services.
- Maintain documentation, architectural diagrams, and runbooks in a way that supports repeatability and audit readiness.
- Mentor analysts, share knowledge across the team, and help uplift OT logging and monitoring capabilities.
- Collaborate with cross-functional partners to enhance visibility, strengthen governance, and support continuous improvement.
- Travel to SRP facilities as needed to support OT stakeholders and operational activities.

SRP currently offers a hybrid workplace, which allows employees whose jobs can be performed remotely, and who have sufficient technical capability, to telework up to three days per week. Although teleworking is available, all employees must live and work in Arizona.
Requirements
A bachelor's degree relevant to the assignment from an accredited institution is preferred.

This position may be filled at one of three levels outlined below, based on the candidate's relevant education, experience, or a combination of both that demonstrates the required knowledge, skills, and competencies. Eligibility for advancement (progression) to the next level in the same role is based on overall job performance, mastery of all functional responsibilities, and time in position, as assessed by the supervisor.
Level 1 - Associate: In lieu of a degree, 4 years of relevant experience or an equivalent combination of education and experience totaling 4 years may be considered.
Level 2 - Journey: Minimum 2 years of relevant experience required. In lieu of a degree, 6 years of relevant experience or an equivalent combination of education and experience totaling 6 years may be considered.
Level 3 - Senior: Minimum 5 years of relevant experience required. In lieu of a degree, 9 years of relevant experience or an equivalent combination of education and experience totaling 9 years may be considered.

- Experience administering Splunk Enterprise in a technical environment; experience with OT systems is highly beneficial.
- Strong understanding of Splunk configuration, tuning, and troubleshooting.
- Familiarity with log ingestion pipelines, server administration concepts, and network fundamentals.
- Ability to interpret and support OT architectures while applying sound security and compliance practices.
- Demonstrated experience building dashboards, alerts, and monitoring content.
- Mindset focused on reliability, accuracy, and continuous improvement.
- Clear communication skills, especially in documenting processes and collaborating with cross-functional teams.
- Ability to obtain and maintain NERC CIP access requirements.
- Strong analytical capability and willingness to work in high-stakes operational environments.
- Analytical troubleshooting and technical curiosity
- High accountability and follow-through
- Strong documentation habits
- Ability to work with diverse stakeholders in complex OT environments
- Commitment to consistency, reliability, and operational excellence

- Experience supporting industrial or utility OT systems, control centers, substations, or other critical infrastructure environments.
- Experience developing monitoring content or supporting OT detection workflows.
- Familiarity with regulatory obligations in critical infrastructure environments.
- Experience with scripting for automation or platform optimization.
Benefits & conditions
SRP's success is rooted in our employees' happiness, health, and safety. That's why we offer a comprehensive benefits package to meet the needs of our employees and enhance their well-being. In addition to competitive pay and performance incentives, eligible employees can take advantage of the following benefits:
- Pension Plan (at no cost to the employee)
- 401(k) plan with employer matching
- Available your first day: Medical, vision, dental, and life insurance
- Over 200+ hours of PTO (includes vacation days, holidays, floating holidays, and sick leave)
- Parental leave (up to 4 weeks) and adoption assistance
- Wellness programs (including access to a recreation and fitness facility)
- Short and long-term disability plans
- Tuition assistance for both undergraduate and graduate programs
- 10 Employee Resource Groups for career development, community service, and networking