Senior Splunk Engineer Full Time

Job Title: Splunk Engineer (ES App Observability and Log Management Functions)

he primary focus will be on deploying, managing, and optimizing Splunk Enterprise Security (ES) for comprehensive log management and observability. You will play a critical role in ensuring the reliability, scalability, and efficiency of our on-premises Splunk infrastructure, supporting security operations, and driving actionable insights from machine data. Key Responsibilities Deploy, configure, and maintain Splunk Enterprise in an on-premises environment. Manage ES Search Head, Indexers, and Indexer Storage, ensuring high availability and data integrity. Oversee data collection using Universal and Heavy Forwarders; troubleshoot and optimize data onboarding. Administer and monitor Splunk license usage, License Managers, and Cluster Managers. Develop, optimize, and maintain Splunk search queries, dashboards, and alerts for security and observability use cases. Collaborate with security, network, and IT teams to integrate diverse log sources and improve detection capabilities. Implement best practices for Splunk architecture, data retention, and search performance. Perform regular system health checks, upgrades, and patch management. Document configurations, processes, and changes for operational transparency and knowledge sharing. Provide onsite technical support and training for end-users and stakeholders.

Required Skills & Experience Proven hands-on experience with Splunk Enterprise in on-premises environments. Deep understanding of Splunk Search Management, ES Search Head, Indexers, and Indexer Storage. Experience configuring and managing Universal and Heavy Forwarders. Familiarity with Splunk License Manager and Cluster Manager roles and operations. Strong expertise in developing and optimizing Splunk searches, reports, and dashboards. Solid understanding of IT operations, security event management, and log management best practices.

Proficiency in troubleshooting Splunk components and system integrations. Excellent communication and documentation skills. Ability to work independently and as part of a cross-functional team.

Preferred Qualifications Splunk Certified Admin, Architect, or Enterprise Security certification(s). Experience with security operations, SIEM, and observability solutions. Scripting skills (e.g., Python, Bash) for automation and integration. Familiarity with regulatory and compliance frameworks related to log management and security.

Bachelor’s degree in IT related field.

Example Job Tasks Onboard new log sources into Splunk. Create and tune correlation searches to detect security incidents. Perform root cause analysis on performance bottlenecks in search or indexing. Maintain and optimize indexer storage and retention policies. Prepare regular usage and health reports for management.