Splunk Enterprise Security (ES) Consultant - remote Remote offsite Responsibilities Develop custom detection content: correlation searches, notable events, alerts, reports, and visualizations to surface threat activity Build and maintain Splunk Apps and Technology Add-ons (TAs) Onboard new data sources and normalize them to the Common Information Model (CIM) Optimize data flow and ingestion using aggregation, filtering, and pipeline tuning Configure notable event actions, action menus, and Ada