Senior Splunk Engineer

Job Description

Requirements
- -----------

### Must have:

### - We require 5+ years of senior-level Splunk engineering experience. - We need hands-on expertise building Splunk Enterprise in distributed and clustered environments. - We require strong performance tuning skills, including diagnosing and improving platform health, replication behavior, search head clustering, resource utilization, and data model acceleration. - We need advanced Splunk SPL proficiency for writing, optimizing, and troubleshooting complex queries. - We require practical experience deploying and tuning Splunk Enterprise Security in production settings. - We need advanced experience onboarding diverse data sources and aligning them to the Common Information Model. - We require scripting and automation skills with Python, Bash, or PowerShell. - We need strong Linux administration knowledge, including hardening, package management, process monitoring, and troubleshooting. - We require a solid understanding of enterprise networking concepts such as TCP/IP, firewalls, load balancers, DNS, and VLANs. - We need experience integrating Splunk with enterprise authentication systems such as LDAP, SAML, and Active Directory. - We require the ability to create and maintain technical documentation, runbooks, and operational procedures. - We prefer candidates with Splunk certifications such as SPLK-1003, SPLK-3003, or SPLK-5001. - We prefer experience supporting large-scale, multi-site enterprise deployments and familiarity with security operations workflows.

Responsibilities:
- ----------------

- We will engineer, deploy, configure, and validate a multi-site, highly available Splunk Enterprise platform. - We will extend the platform with Splunk Enterprise Security and ensure it is fully operational. - We will design and implement core Splunk architecture components, including cluster manager, license master, deployer, deployment server, monitoring console, indexer cluster, and search head cluster. - We will deploy and configure universal forwarders and heavy forwarders. - We will build deployment apps, server classes, and automated rollout scripts. - We will onboard and validate data from sources such as Windows, firewall, cloud, endpoint, and network systems. - We will ensure proper Common Information Model alignment across incoming data. - We will configure custom indexes, authentication, SMTP relay, and load balancer settings. - We will install, configure, and operationalize Splunk ES in the environment. - We will validate ES data model acceleration, correlation searches, dashboards, notable events, and detection logic. - We will tune correlation searches, thresholds, data models, and overall platform performance. - We will ensure ES content is fully integrated with the underlying Splunk Enterprise deployment. - We will produce as-built documentation, architecture diagrams, runbooks, tuning guidance, and operational procedures. - We will validate ingest pipelines, cluster stability, search performance, CIM compliance, and ES functionality. - We will provide technical knowledge transfer and hands-on enablement to customer engineering teams.
- -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Company:
- -------

We are seeking a Senior Splunk Engineer for a 3-6 month contract-to-hire opportunity in Bensalem, PA, with an onsite requirement five days per week. This role supports a compensation target of up to $90 per hour on W2, and the selected candidate may also be eligible for discretionary bonuses as well as medical, dental, vision, and 401(k) benefits. We value a diverse workplace and welcome applicants from all backgrounds. The position includes preliminary AI-assisted screening, followed by review from our recruiters and hiring managers.
- -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------