Splunk Dashboard Engineer

Kforce has a client that is seeking a Splunk Dashboard Engineer in Morrisville, NC. Overview: We are seeking a Splunk Detection & Incident Response Dashboard Engineer to support our Incident, Detection, and Response (IDR) team within the broader Cybersecurity organization. This role is responsible for designing, building, and maintaining Splunk dashboards, reports, and visualizations that enable real time threat detection, incident investigation, and operational awareness across the Security Operations Center (SOC). The ideal candidate specializes in translating security telemetry-logs, alerts, notable events, and metrics-into actionable dashboards that help analysts detect threats faster, investigate incidents efficiently, and measure the effectiveness of detection and response workflows. This role directly supports SOC operations, leadership visibility, and continuous improvement of security outcomes through data driven insights. Key Responsibilities: * Design and maintain Splunk dashboards that support incident detection, investigation, and response workflows within the SOC Develop dashboards and visualizations for security metrics such as:

• Incident volume and severity
• Mean Time to Detect (MTTD) and Mean Time to Respond/Resolve (MTTR)
• Alert fidelity and false positive trends
• Build and optimize Splunk searches, reports, and dashboard panels that surface suspicious activity, detections, and notable events
• Partner closely with Detection Engineers, Incident Responders, and SOC Analysts to understand use cases, threats, and investigative requirements
• Ensure dashboards align with SOC workflows, enabling analysts to quickly pivot from visualization to investigation
• Improve dashboard performance and usability by refining searches and data models used for security analytics
• Support executive and leadership reporting by delivering high level SOC visibility dashboards that summarize security posture and operational performance
• Hands on experience building dashboards and reports in Splunk, ideally in a SOC or cybersecurity context
• Strong understanding of how Splunk is used for security analytics, threat detection, and incident response
• Experience working with security related data sources such as authentication logs, endpoint telemetry, network logs, or application security logs
• Ability to transform unstructured security data into clear, actionable visual insights
• Experience collaborating with incident responders, detection engineers, or SOC analysts
• Strong analytical mindset with attention to detail and operational accuracy

• Experience supporting or working within an Incident Response, Detection Engineering, or SOC team
• Familiarity with Splunk Enterprise Security concepts such as notable events, correlation searches, and SOC KPIs
• Experience building dashboards used for SOC performance measurement or leadership reporting
• Understanding of common cyber threat types and investigative workflows

• SOC analysts rely on dashboards for real time visibility into threats and incidents
• Detection and response teams can quickly identify trends, bottlenecks, and improvement areas
• Leadership has clear, accurate insight into SOC effectiveness and security posture
• Dashboards directly contribute to faster detection, investigation, and response outcomes