Senior Splunk Engineer
Profile Summary
Highly skilled and results-driven Senior Splunk Engineer with more than 8 years of experience in architecting, implementing, and managing end-to-end Splunk solutions across enterprise environments. Proven expertise in log aggregation, data onboarding, dashboard creation, correlation searches, alert tuning, and integrating security and operational data for actionable insights.
Strong background in Security Information and Event Management (SIEM), IT Operations Analytics, and compliance monitoring, with a deep understanding of enterprise infrastructure, cloud platforms, and threat detection.
Core Competencies
Splunk Enterprise, Splunk Cloud, and Splunk Enterprise Security (ES)
Designing & implementing indexer clustering, search head clustering, and forwarder configurations
Custom SPL query development and dashboard creation for real-time analytics
Data onboarding using Universal/Heavy Forwarders, APIs, and scripted inputs
Integration with cloud platforms: AWS, Azure, Google Cloud Platform (CloudTrail, CloudWatch, etc.)
Creating correlation searches, notable events, and risk-based alerting in ES
Use case development for MITRE ATT&CK, SOC operations, and threat hunting
Experience with Phantom/SOAR, ServiceNow, Jira, and ticketing integrations
Familiarity with regex, Python, bash scripting, and REST APIs
Experience Highlights
Led enterprise Splunk deployment for a financial institution, managing over 20 TB/day of log ingestion and multiple security and compliance dashboards.
Built advanced threat detection and correlation rules to identify insider threats and lateral movement aligned with MITRE ATT&CK.
Developed onboarding framework for cloud-native logs from AWS CloudTrail, Azure Activity Logs, and Kubernetes environments.
Optimized searches and alerts to reduce false positives by 40%, improving SOC response time.
Conducted Splunk health checks, license usage audits, and data model optimizations for peak performance.
Certifications
Splunk Core Certified Power User
Splunk Certified Admin
Splunk Enterprise Security Certified
(Optional) AWS Certified Cloud Practitioner / Azure Fundamentals