Splunk Engineer
We are looking for a Splunk Engineer to join our team and take part in designing, building, and optimizing enterprise-scale Splunk environments.
Responsibilities:
- Onboarding and integrating log sources (on-premises and cloud) into Splunk (Enterprise/Cloud).
- Building indexing processes, managing sourcetypes, and implementing parsing and field extractions.
- Developing application content: correlation searches, reports, dashboards, and alerts tailored to business and organizational needs.
- Collaborating with Information Security, DevOps, and Infrastructure teams to define requirements and support daily operations.
- Monitoring and optimizing Splunk platform performance and search efficiency.
- Documenting solutions and processes, and providing internal user support.
Requirements:
- 2–3 years of hands-on experience with Splunk - Must
- Proven expertise in integrating diverse log sources and writing TA/SA configurations - Must
- Experience in building reports, dashboards, and alerts - Must
- Strong knowledge of SPL (Search Processing Language) and query optimization - Must
- High level of English (reading/writing).
- Knowledge of Splunk infrastructure: Indexer Clustering, Search Head Clustering, Deployment Server - Must
- Experience in managing and maintaining Splunk apps and add-ons.
- Familiarity with Splunk SOAR/ES - Must
- Experience with cloud platforms (AWS, Azure, GCP) and log integration.
- Background in Security/IT.
- Knowledge of Windows Server/Linux and scripting (Python, PowerShell, Bash).
- Relevant certifications or academic background.