Overview
On Site
$70 - $72 hr
Contract - Independent
Contract - W2
Contract - 3+ mo(s)
Skills
Network
Licensing Management
RBAC
Storage
SaaS
Cloud Computing
Microsoft Azure
Amazon Web Services
SEO
Normalization
Linux
Research
RF
Salesforce.com
Failover
KPI
Extraction
Dashboard
Auditing
Regulatory Compliance
Access Control
Clustering
DS
DirectShow
SPL
Performance Tuning
DMS
Onboarding
Linux+
Scripting
Bash
Python
Computer Networking
TLS
NFS
Elasticsearch
Data Science
Machine Learning (ML)
Splunk
ROOT
Insurance
Privacy
Sourcing
Decision-making
Artificial Intelligence
Job Details
Payrate: $70.00 - $72.00/hr.
Responsibilities:
Nice-to-have:
Basic Qualifications:
Pay Transparency: The typical base pay for this role across the U.S. is: $70.00 - $72.00/hr. Final offer amounts, within the base pay set forth above, are determined by factors including your relevant skills, education and experience and the benefits package you select. Full-time employees are eligible to select from different benefits packages. Packages may include medical, dental, and vision benefits, 10 paid days off, 401(k) plan participation, commuter benefits and life and disability insurance.
For information about our collection, use, and disclosure of applicant's personal information as well as applicants' rights over their personal information, please see our Privacy Policy ().
Aditi Consulting LLC uses AI technology to engage candidates during the sourcing process. AI technology is used to gather data only and does not replace human based decision making in employment decisions. By applying to this position, you agree to Aditi s use of AI technology, including calls from an AI Voice Recruiter.
#AditiConsulting
#25-22628
Responsibilities:
- Sources span on-prem apps/appliances/network devices, SaaS, private cloud/K8s, Azure & AWS
- The most important ways the person doing the job should spend their time are...
- Keeping a multi-site Splunk Enterprise (indexer clustering + SHC) healthy: upgrades/patching, daily/weekly health checks, capacity & license management, DR tests.
- Onboarding data cleanly and securely: forwarders/syslog/HEC; sourcetypes, props/transforms, timestamping/line-breaking, field extractions, retention.
- Improving performance and reliability: monitor ingestion/search performance, queues, storage/bucket health; remove bottlenecks; tune searches and data models.
- Enabling users: create/optimize SPL searches, dashboards, alerts; advise engineers, SREs, and SecOps on best practices and troubleshooting.
- The most important duties are
- Operate and harden a multi-site Splunk Enterprise environment (indexer clustering, SHC, deployer/deployment server, RBAC, app lifecycle).
- Monitor and tune ingestion, search, and storage (RF/SF validation; bucket health; NFS tuning; queue depths).
- Lead data onboarding projects across on-prem, SaaS, cloud (Azure/AWS), K8s; ensure auditability and data-handling policy compliance.
- Build/optimize SPL, dashboards, alerts; coach consumers on SPL and performance patterns (tstats, accelerations, base/inline searches).
- Maintain DR posture and execute/verify failovers.
- What this job needs to be successful is (traits and characteristics)
- Expert SPL and performance tuning (tstats, data models/accelerations, search optimization).
- Deep data-onboarding skills (forwarders/syslog/HEC) and props.conf/transforms.conf mastery (timestamps, line-breaking, field extraction, value normalization).
- Strong Linux admin + scripting (bash, Python); networking/TLS fundamentals.
- Experience with NFS-backed indexers (operational tuning/gotchas).
- Clear communicator with a customer-enablement mindset; documents well; bias for automation.
Nice-to-have:
- Splunk Architect cert; experience with ES, ITSI, MLTK, and SOAR; familiarity with data-science/ML concepts (to partner with teams, not to lead research).
- 3-5+ years administering Splunk Enterprise at multi-TB/day scale, including indexer clustering and SHC in multi-site deployments
- The simplest and easiest way to see that this job is done well is...
- Cluster health green: RF/SF consistently met; successful failover tests.
- Low ingest error rate and low data latency to index; stable license utilization.
- Search KPIs: median and P95 search times within agreed SLOs; reduced scheduler/skipped search rates.
- Clean data: correct timestamps, low unknown sourcetypes, stable field extraction accuracy.
- User outcomes: growing self-service usage, actionable dashboards/alerts, and satisfied internal customers (shorter MTTR for incidents).
- No audit/compliance exceptions related to Splunk data handling or access controls.
Basic Qualifications:
- 3-5+ years hands-on Splunk Enterprise administration at scale (multi-TB/day), including indexer clustering, SHC, deployer/DS, license mgmt.
- Strong SPL and performance tuning (tstats, DMs, accelerations, base/inline searches).
- Data onboarding expertise: forwarders/syslog/HEC; props/transforms; timestamping/line-breaking; field extractions; retention planning.
- Linux + scripting (bash/Python); networking/TLS fundamentals.
- Experience operating with NFS-backed indexers.
- Nice-to-have: Splunk Architect cert; ES/ITSI/MLTK/SOAR; familiarity with data-science/ML concepts.
- How to apply (required)
- Submit your resume and a brief note describing one difficult Splunk performance issue you solved: symptoms root cause fix before/after metrics.
Pay Transparency: The typical base pay for this role across the U.S. is: $70.00 - $72.00/hr. Final offer amounts, within the base pay set forth above, are determined by factors including your relevant skills, education and experience and the benefits package you select. Full-time employees are eligible to select from different benefits packages. Packages may include medical, dental, and vision benefits, 10 paid days off, 401(k) plan participation, commuter benefits and life and disability insurance.
For information about our collection, use, and disclosure of applicant's personal information as well as applicants' rights over their personal information, please see our Privacy Policy ().
Aditi Consulting LLC uses AI technology to engage candidates during the sourcing process. AI technology is used to gather data only and does not replace human based decision making in employment decisions. By applying to this position, you agree to Aditi s use of AI technology, including calls from an AI Voice Recruiter.
#AditiConsulting
#25-22628
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.