Splunk Engineer

We are looking for a Splunk Engineer to join our team and take part in designing, building, and optimizing enterprise-scale Splunk environments.

Responsibilities:

• Onboarding and integrating log sources (on-premises and cloud) into Splunk (Enterprise/Cloud).
• Building indexing processes, managing sourcetypes, and implementing parsing and field extractions.
• Developing application content: correlation searches, reports, dashboards, and alerts tailored to business and organizational needs.
• Collaborating with Information Security, DevOps, and Infrastructure teams to define requirements and support daily operations.
• Monitoring and optimizing Splunk platform performance and search efficiency.
• Documenting solutions, processes, and providing internal user support.

Requirements:

• 2–3 years of hands-on experience with Splunk - Must
• Proven expertise in integrating diverse log sources and writing TA/SA configurations - Must
• Experience in building reports, dashboards, and alerts - Must
• Strong knowledge of SPL (Search Processing Language) and query optimization - Must
• High level of English (reading/writing).
• Knowledge of Splunk infrastructures: Indexer Clustering, Search Head Clustering, Deployment Server - Must
• Experience in managing and maintaining Splunk apps and add-ons.
• Familiarity with Splunk SOAR/ES - Must
• Experience with cloud platforms (AWS, Azure, GCP) and log integration.
• Background in Security/IT.
• Knowledge of Windows Server/Linux and scripting (Python, PowerShell, Bash).
• Relevant certifications or academic background.