Job
Description
We are seeking a highly skilled Splunk Engineer with expertise in Splunk platform administration, cloud technologies, networking, DevOps practices, and scripting. This role is responsible for developing, deploying, and maintaining Splunk solutions across enterprise environments to support operational intelligence, security, and compliance needs. Key Responsibilities: Design, deploy, and maintain Splunk infrastructure across on-premise and cloud environments (AWS, Azure, GCP). Create custom Splunk dashboards, alerts, and reports tailored to business and operational needs. Integrate Splunk with various data sources, including applications, servers, network devices, and cloud services. Collaborate with DevOps teams to implement monitoring and alerting for CI/CD pipelines and microservices. Develop and maintain scripts (Python, Shell, PowerShell, etc.) for automation, data parsing, and onboarding. Optimize Splunk performance and indexer/search head clustering. Troubleshoot issues related to data ingestion, parsing, and visualization. Implement role-based access control and maintain security compliance across Splunk environments. Support network visibility and threat detection use cases using Splunk and third-party integrations. Required Skills & Qualifications: 4+ years of hands-on experience with Splunk (Enterprise, ES, ITSI, or Observability Suite). Solid understanding of cloud platforms (AWS, Azure, or GCP) and experience deploying Splunk in cloud environments. Strong foundation in networking concepts (TCP/IP, DNS, VPN, Firewall, Load Balancers, etc.). Experience with DevOps tools (Git, Jenkins, Docker, Kubernetes, Terraform, etc.). Experience with SPL. Proficiency in scripting languages such as Python, Bash, or PowerShell. Experience onboarding structured and unstructured data from various sources. Familiarity with log formats and data parsing (JSON, XML, syslog, etc.). Strong problem-solving skills and ability to work independently or as part of a team. Excellent communication and documentation skills. Preferred Qualifications: Splunk Certifications (e.g., Splunk Core Certified Power User, Admin, or Architect). Experience with SIEM use cases and security event monitoring. Exposure to machine learning and anomaly detection using Splunk. Familiarity with REST APIs and integrating third-party applications with Splunk
