We are seeking a skilled Splunk Data Engineer to design, develop, and maintain monitoring solutions that provide actionable insights for security and operational teams. The ideal candidate will have hands-on experience with Splunk, including dashboard creation, search queries, correlation logic, and log ingestion pipelines.
Primary Responsibilities
- Develop, configure, and maintain Splunk dashboards, reports, alerts, and correlation searches to support security monitoring and operational visibility.
- Build and optimize log ingestion pipelines, ensuring accurate parsing, enrichment, and normalization across multiple data sources.
- Create and maintain SOPs, runbooks, triage workflows, and incident remediation procedures for Splunk-based monitoring operations.
- Perform alert triage, event investigation, and root-cause analysis, leveraging SPL queries and correlation logic.
- Continuously tune searches, dashboards, and alerts to improve detection quality and reduce false positives/noise.
- Collaborate with Security Operations, IT, Network, and Application teams to expand log coverage and improve monitoring use cases.
- Monitor Splunk platform health, including performance, indexing, storage, and data ingestion, to ensure high availability and reliability.
Required Skills and Qualifications
- Hands-on experience with the Splunk platform, including dashboards, SPL queries, reports, and correlation rules.
- Proven expertise in log analysis, event correlation, and building end-to-end monitoring use cases.
- Experience operationalizing Splunk, including SOPs, triage processes, runbooks, and incident response workflows.
- Strong understanding of log formats (syslog, JSON, Windows events), ingestion methods, and data onboarding best practices.
- Ability to perform incident triage, investigation, and remediation using SPL.
- Knowledge of security monitoring concepts, SIEM architecture, detection logic, and alert tuning.
- Excellent communication, documentation, and collaboration skills, with the ability to work effectively with SOC, IT, and Engineering teams.