Job Description

Role Overview
We are seeking an experienced Splunk engineer to help stabilize, optimize, and improve our Splunk environment. This role will support search performance, data reliability, usability, and governance practices to ensure Splunk aligns to our security, compliance, and analytics requirements. The ideal candidate combines deep Splunk platform expertise with hands-on engineering experience in search optimization, pipeline reliability, knowledge object hygiene, and security-focused data workflows.
Key Responsibilities
Search & Performance Optimization

• Improve speed and efficiency of searches across large datasets.
• Implement caching, tuning, and search-hygiene practices to reduce redundant or costly searches.
• Enhance workflows so analysts can pivot and reuse results without re-running full searches.

Data Integration & Reliability

• Strengthen stability and reliability of Splunk data pipelines for exports and integrations.
• Support real-time or near-real-time data flows where applicable.
• Improve resiliency of indexing, clustering, and correlation workloads.

Governance & Lifecycle Management

• Review and rationalize existing knowledge objects (saved searches, lookups, dashboards).
• Implement monitoring to track field drift, schema changes, or configuration defects that affect detections.
• Define lightweight governance and lifecycle controls for knowledge objects and detection artifacts.
• Support alignment with broader data governance policies, including access models, retention, and auditability.

Advanced Capabilities & Usability

• Enable notebook-style investigative analysis for collaboration and reproducibility.
• Assist data transformation and ML/AI-driven analytics enhancements where practical.
• Provide guidance on detection-as-code best practices and CI/CD integration for security detection workloads.

Required Skills & Experience

• Strong hands-on experience with Splunk Enterprise / Enterprise Security administration and engineering.
• Expert level capability in SPL tuning, indexing strategy, search optimization, and performance troubleshooting.
• Proven experience with data pipeline reliability and ingestion stabilization.
• Familiarity with Splunk governance principles (knowledge object hygiene, schema evolution, retention/access practices).
• Proficiency in Python or scripting for automation and advanced handling.

Preferred Skills

• Experience with security detection engineering or detection-as-code frameworks.
• Background in ML/AI features within Splunk or adjacent systems.
• Understanding of compliance frameworks and their implications on Splunk governance.

Job Tags

Similar Jobs