Splunk Engineer (Developer and Admin Experience)

Overview

On Site
Hybrid
Up to $65
Full Time

Skills

Splunk
DevOps
Continuous Integration
Continuous Delivery

Job Details

We are seeking a skilled Splunk Engineer with both Developer and Admin experience to join our Client Information Security Engineering team. This role involves managing and optimizing enterprise Splunk environments, creating dashboards, integrating log sources, and supporting security initiatives. The ideal candidate will have strong troubleshooting skills, hands-on experience with performance tuning, and proficiency in AWS and Python scripting.


Key Responsibilities:

  • Splunk Administration & Troubleshooting

    • Manage and support enterprise Splunk environments.

    • Diagnose and resolve performance, indexing, and search-related issues.

    • Monitor Splunk health, optimize reliability, and ensure scalability.

  • Dashboard & Visualization Development

    • Design and implement custom dashboards, reports, and alerts.

    • Translate business and security requirements into actionable Splunk insights.

  • Performance Tuning & Optimization

    • Optimize search queries, indexing strategies, and ingestion pipelines.

    • Improve system responsiveness and efficiency.

  • Enterprise Security Integration

    • Work with Splunk Enterprise Security (ES) for threat detection and incident response.

    • Develop correlation searches, risk-based alerting, and security dashboards.

  • Log Onboarding & Data Integration

    • Integrate logs from servers, applications, and cloud platforms.

    • Normalize and parse data using props, transforms, and custom scripts.

  • AWS & Cloud Integration

    • Integrate AWS services (CloudTrail, CloudWatch, S3, etc.) with Splunk.

    • Apply cloud security best practices in log ingestion and monitoring.

  • Scripting & Automation

    • Use Python to automate Splunk tasks and enrich data.

    • Develop scripts for custom API integrations and data processing.


Required Skills & Qualifications:

  • 5+ years of experience as a Splunk Engineer (Admin + Developer).

  • Strong expertise in Splunk Enterprise and Enterprise Security (ES).

  • Proven experience with Splunk dashboard creation, log onboarding, and query optimization.

  • Proficiency in AWS services integration with Splunk (CloudTrail, CloudWatch, S3).

  • Strong scripting skills in Python for automation and enrichment.

  • Experience with performance tuning, indexing strategies, and large-scale Splunk deployments.

  • Knowledge of security operations, threat detection, and incident response.


Preferred Qualifications:

  • Splunk certifications (Splunk Core Certified Power User, Admin, or Architect).

  • Experience with DevOps, CI/CD pipelines, and cloud-native monitoring tools.

  • Familiarity with security frameworks (NIST, SOC, ISO).

  • Strong problem-solving, analytical, and communication skills.


Education:

  • Bachelor's degree in Computer Science, Information Security, Engineering, or related field (or equivalent experience).
