Splunk Engineer - 26-04926

About The Position

Requirements

• Proven experience administering and engineering Splunk Enterprise or Splunk Cloud in mid-to-large scale environments.
• Strong proficiency in SPL for data analysis and troubleshooting.
• Hands-on experience onboarding new systems and applications into Splunk.
• Experience building dashboards using Splunk Dashboard Studio or Classic Editor.
• Solid understanding of log formats such as syslog, JSON, and XML, including parsing and field extraction.
• Strong knowledge of IT infrastructure (servers, networks, firewalls, cloud environments).
• Experience working with Linux systems and managing Splunk Universal and Heavy Forwarders.

Nice To Haves

• Experience with scripting or automation (Python, PowerShell).
• Familiarity with Splunk Enterprise Security (ES) and/or IT Service Intelligence (ITSI).
• Knowledge of distributed Splunk architectures, including indexer and search head clustering.
• Experience implementing Common Information Model (CIM) compliance and data models.

Responsibilities

• Onboard systems, applications, and log data sources into Splunk, ensuring proper parsing, field extraction, CIM compliance, and normalization.
• Configure and manage forwarders, ingestion pipelines, and data routing strategies.
• Design and develop advanced dashboards, visualizations, and analytics for operational and security use cases.
• Build and optimize complex SPL queries, macros, lookups, and scheduled searches.
• Troubleshoot data ingestion issues, search performance bottlenecks, and data quality concerns.
• Collaborate with infrastructure, application, and security teams to define logging requirements and actionable monitoring solutions.

Benefits

• We offer the most competitive pay for every position.
• You will not be blindsided and your salary will be discussed upfront.