Splunk ITSI SME

Role: Splunk ITSI SME
Location: Remote USA
Mode: Contract

Job Description:

Important Submission Note:

• Please ensure profiles have 5+ years of hands-on Splunk ITSI experience.

Requirements:

• 5+ years of hands-on experience with Splunk IT Service Intelligence (ITSI) not just core Splunk.

• 4 5+ years of overall Splunk experience.

• 4 8 years of total industry experience as a technology practitioner (IT Operations or Security).

• Successful enterprise-level implementation of Splunk Cloud a plus.

• Experience gathering requirements, documenting, analyzing, and product testing.

• Prior experience in large enterprise environments (>5,000 servers).

• Splunk Certification (or equivalent experience) preferred.

• AWS/Azure cloud runtime services (EC2, Lambda, CloudWatch, Functions, etc.).

• 2+ years of rule and advanced logic creation within Splunk.

• Experience developing ITSI glass tables, service trees, correlation searches, KPI s, and notable event aggregation policies.

• Ability to interface well with end users.

• Strong written and verbal communication skills.

Primary Responsibilities:

• Engineer, configure, administer, and support enterprise observability solutions with Splunk Cloud, ITSI, and Infrastructure Monitoring.

• Develop ITSI glass tables, service trees, entity designs, KPI s, and correlation searches.

• Create front-end searches, dashboards, and reports using SPL.

• Perform root cause analysis and resolve post-implementation issues.

• Design low-level artifacts and support high-level design.

• Expand use cases and onboard new data sources.

• Conduct Splunk health checks, review deployment architecture, and optimize performance.

• Train Ops Analysts and IT Engineers on Splunk use and performance.

• Partner with risk, compliance, and cybersecurity teams to meet SIEM policies and standards.

• Automate ingestion, onboarding, and log management processes.

• Maintain 24x7 uptime and continuously improve performance, availability, and stability.