Job Title: Senior Splunk Consultant
Experience Required: 10+ Years
Certification: Splunk Consultant or Architect Level Certification
Job Summary:
We are looking for a highly experienced Splunk Consultant with over 10 years of expertise in designing, deploying, and managing large-scale Splunk environments. The ideal candidate should possess consultant-level certifications and be proficient in delivering end-to-end Splunk solutions for enterprise clients. This role involves client interaction, architecture planning, implementation, optimization, and mentoring junior engineers.
Key Responsibilities:
* Lead the architecture, design, deployment, and configuration of Splunk Enterprise and Splunk Cloud environments.
* Define data onboarding strategy and configure complex parsing and indexing solutions.
* Develop custom dashboards, alerts, reports, and visualizations using SPL.
* Work closely with cybersecurity, operations, and application teams to integrate and correlate data sources.
* Perform capacity planning, health checks, performance tuning, and upgrades.
* Create and maintain documentation, including SOPs, architecture diagrams, and deployment guides.
* Act as a trusted advisor for Splunk best practices, licensing, and scaling strategies.
* Train and mentor junior team members and client staff on Splunk usage and management.
* Assist with security monitoring, incident detection, and compliance initiatives (e.g., PCI, HIPAA, SOC2).
Required Skills and Experience:
* Minimum 10 years of total IT experience with 7+ years dedicated to Splunk.
* Splunk Consultant-level certification (e.g., Splunk Certified Consultant I/II, Architect).
* Hands-on experience with Splunk Enterprise Security (ES) and ITSI modules.
* Strong knowledge of SPL (Search Processing Language).
* Deep understanding of data ingestion, field extractions, lookup tables, data models, and accelerations.
* Expertise in integrating various data sources including syslog, APIs, and databases.
* Experience with Linux/Unix environments and scripting (Python, Bash, or PowerShell).
* Familiarity with cloud platforms (AWS, Azure, GCP) and their logging ecosystems.
* Proven experience in leading complex Splunk projects and client engagements.
Preferred Skills:
* Experience with automation/configuration tools (e.g., Ansible, Terraform).
* Knowledge of other SIEM platforms for comparative insight.
* Familiarity with DevOps/CI-CD tools and monitoring integrations.