Splunk Specialist - Migration to Elasticsearch (Kubernetes Environment)
Project Context:
Our customer is undertaking a major migration initiative from Splunk to an Elasticsearch-based solution (ELK Stack) deployed on Kubernetes. This role is critical to design, plan, and lead the migration efforts while also supporting current Splunk operations.
Key Responsibilities:
* Lead the end-to-end migration of log data, dashboards, alerts, saved searches, and configurations from Splunk to Elasticsearch.
* Assess and document the current Splunk setup - ingestion pipelines, dashboards, alerting rules, data models, etc.
* Design a detailed migration roadmap, including milestones, risk assessments, and fallback plans.
* Collaborate with Elastic/Elasticsearch platform teams to implement equivalent observability tooling (eg, Watcher, Kibana dashboards).
* Act as the primary Splunk SME supporting the customer's existing team of two during the transition.
* Post-migration, support and troubleshoot any issues related to the new ELK setup on Kubernetes.
Must-Have Experience:
* 6-8 years of experience in daily Splunk administration, operations, and architecture in a production environment.
* Proven experience leading or executing a migration from Splunk to Elasticsearch, including dashboard and alert conversion.
* Strong understanding of Splunk architecture, including indexers, search heads, forwarders, and data models.
* Working knowledge of ELK Stack (Elasticsearch, Logstash, Kibana) in production settings.
* Familiarity with Kubernetes and container-based deployment models.
* Strong Scripting ability (Python, Bash/Shell) for automation of tasks.
* Excellent communication and documentation skills - must be able to interact with technical and business stakeholders.
Nice to Have:
* Splunk Certifications (eg, Splunk Certified Admin/Architect)
* Experience with Bicep, Terraform, or Ansible
* Familiarity with Elastic Observability solutions (eg, Elastic APM, Elastic Security)
Engagement Model:
* Full-time, Hybrid role- based in Birmingham.