Splunk Engineer
Job Description
Job Title: Splunk Engineer
Location: Austin, TX
Duration: Long term contract
Worker must have hands-on experience using Splunk for operational monitoring and troubleshooting, including creating and executing searches, using dashboards, and supporting alerting workflows. Candidate must be able to support log onboarding/validation and collaborate with ITD teams to ensure reliable data ingestion and actionable alerting.
Required Skills
- Hands-on experience with Splunk Enterprise and/or Splunk Cloud
- Advanced proficiency in Search Processing Language (SPL). Ability to:
  - Write efficient, optimized searches
  - Use stats, timechart, eval, lookup, transaction, and data model commands
  - Tune searches for performance at scale
- Experience in data onboarding. Strong skills in:
  - Source type design
  - Field extraction (regex, props.conf, transforms.conf)
  - Timestamp recognition and line breaking
  - Index design and strategy
- Experience managing Splunk Technology Add-ons (TAs) for data onboarding, normalization, and CIM alignment.
- Experience with Common Information Model (CIM) mapping
- Ability to design, build, and optimize Splunk dashboards and alerts that provide actionable insights, including KPI-driven visualizations, real-time and scheduled alerts, threshold and anomaly-based detections, alert suppression/tuning to reduce noise, and alignment with operational, security, and business use cases.
- Leadership in technical workshops and discovery sessions. Ability to explain complex concepts to technical and non-technical stakeholders.
Preferred Skills and Qualifications
- Experience with cloud-native log sources
- Experience with security tools (EDR, IAM, firewalls, IDS/IPS)
- Splunk Cloud FedRAMP
- One or more Splunk certifications (e.g., Architect, Admin, Certified Consultant)