Vinmar Digital Analytics Pvt.Ltd.

1 Job openings at Vinmar Digital Analytics Pvt.Ltd.
Splunk Architect - Enterprise Security | Pune | 10 - 20 years | INR 40.0 - 60.0 Lacs P.A. | Remote | Full Time

Job Summary

Vinmar is seeking a highly experienced and certified Splunk Architect to design, implement, and maintain our large-scale, distributed Splunk Enterprise and Splunk Enterprise Security (ES) environment. The ideal candidate will be a technical leader, responsible for defining the long-term Splunk architectural strategy and ensuring platform stability, scalability, and security posture in line with organizational cybersecurity objectives. This role requires deep expertise in Splunk Enterprise Security and a proven track record of successful, complex deployments.

Key Responsibilities

Architecture & Design
- Serve as the Architectural Lead for the Splunk Enterprise and Splunk Enterprise Security (ES) platforms in high-availability, distributed, and cloud/hybrid environments.
- Define, design, and maintain the long-term Splunk architecture, including indexer clusters, search head clusters, deployment servers, and heavy/universal forwarders, ensuring optimal performance and resilience.
- Conduct capacity planning and performance optimization reviews for all Splunk components.
- Architect and guide the design of security-focused dashboards, data models, and advanced analytics to support threat detection, incident response, and forensic investigations within Splunk ES.

Enterprise Security & Platform Management
- Drive the implementation and configuration of Splunk Enterprise Security (ES), including correlation searches, notable events, risk scoring, and threat intelligence framework integration.
- Oversee the onboarding and normalization of diverse data sources (OS logs, network logs, application logs, cloud service logs, etc.) into Splunk, ensuring strict alignment with the Splunk Common Information Model (CIM).
- Develop, implement, and enforce configuration management, security hardening, and change control processes for the Splunk platform.
- Utilize Splunk Search Processing Language (SPL) expertise to create complex and efficient queries, reports, and data visualizations for various security use cases.
- Integrate Splunk with other security tools and systems (e.g., SOAR, CMDB, SIEMs) via APIs and custom development.

Leadership & Mentorship
- Provide technical leadership and mentorship to Splunk administrators, engineers, and security analysts on best practices for platform usage, SPL, CIM, and ES features.
- Create and maintain comprehensive documentation, including conceptual designs, reference architectures, and operational runbooks.
- Collaborate with cybersecurity leadership and stakeholders to align the Splunk roadmap with overall security and business objectives.

Required Qualifications & Expertise

Experience
- Minimum of 8+ years of progressive IT experience, with at least 5 years focused specifically on Splunk Enterprise/ES architecture and engineering in an enterprise environment.
- Expert-level knowledge of Splunk deployment methodologies, including multi-site clustering, SmartStore, and high-availability design.
- Proven experience with security use case development, threat modeling, and building effective correlation searches within Splunk ES.
- Proficiency in scripting languages (e.g., Python, Bash, or PowerShell) for automation of deployment and maintenance tasks.
- Deep technical understanding of core security concepts, network protocols, server operating systems (Linux/Windows), and cloud infrastructure (AWS, Azure, or GCP).

Mandatory Certifications
Candidates must possess all of the following current Splunk certifications:
- Splunk Enterprise Certified Architect (demonstrates expertise in complex deployment and sizing).
- Splunk Enterprise Security Certified Admin (demonstrates mastery of the ES premium solution).
- Splunk Core Certified Consultant (highly preferred as a demonstration of holistic expertise).

Preferred Qualifications
- Experience with Splunk SOAR (Security Orchestration, Automation, and Response) or Splunk ITSI (IT Service Intelligence).
- Relevant industry certifications such as CISSP, CISM, or CompTIA Security+.
- Experience with Infrastructure as Code (IaC) tools like Ansible or Terraform for managing Splunk deployments.