Job Title: Senior Splunk Consultant
Experience Required: 10+ Years
Certification: Splunk Consultant or Architect Level Certification
Job Summary:
We are looking for a highly experienced Splunk Consultant with over 10 years of expertise in designing, deploying, and managing large-scale Splunk environments. The ideal candidate should possess consultant-level certifications and be proficient in delivering end-to-end Splunk solutions for enterprise clients. This role involves client interaction, architecture planning, implementation, optimization, and mentoring junior engineers.
Key Responsibilities:
Lead the architecture, design, deployment, and configuration of Splunk Enterprise and Splunk Cloud environments.
Define data onboarding strategy and configure complex parsing and indexing solutions.
Develop custom dashboards, alerts, reports, and visualizations using SPL.
Work closely with cybersecurity, operations, and application teams to integrate and correlate data sources.
Perform capacity planning, health checks, performance tuning, and upgrades.
Create and maintain documentation, including SOPs, architecture diagrams, and deployment guides.
Act as a trusted advisor for Splunk best practices, licensing, and scaling strategies.
Train and mentor junior team members and client staff on Splunk usage and management.
Assist with security monitoring, incident detection, and compliance initiatives (eg, PCI, HIPAA, SOC2).
Required Skills and Experience:
Minimum 10 years of total IT experience with 7+ years dedicated to Splunk .
Splunk Consultant-level certification (eg, Splunk Certified Consultant I/II, Architect).
Hands-on experience with Splunk Enterprise Security (ES) and ITSI modules.
Strong knowledge of SPL (Search Processing Language) .
Deep understanding of data ingestion, field extractions, lookup tables, data models, and accelerations .
Expertise in integrating various data sources including syslog, APIs, and databases.
Experience with Linux/Unix environments and Scripting (Python, Bash, or PowerShell).
Familiarity with cloud platforms (AWS, Azure, GCP) and their logging ecosystems.
Proven experience in leading complex Splunk projects and client engagements.
Preferred Skills:
Experience with automation/configuration tools (eg, Ansible, Terraform).
Knowledge of other SIEM platforms for comparative insight.
Familiarity with DevOps/CI-CD tools and monitoring integrations