Splunk Engineer/Admin

  • Environmental
  • Applications have closed

Job Description:
Our client is seeking a highly skilled and experienced Splunk Engineer/Administrator to join their dynamic team. In this role, you will be responsible for managing and enhancing a multi-site Splunk Enterprise environment, ensuring optimal performance and security. The ideal candidate will have a strong background in Splunk administration, data onboarding, and system optimization.

Responsibilities:

  • Operate and secure a multi-site Splunk Enterprise setup, including indexer clustering, search head clustering, and deployment server configurations.
  • Monitor system performance, manage capacity and license usage, and conduct disaster recovery tests to ensure system reliability and data integrity.
  • Lead data onboarding initiatives across various platforms such as on-premises, SaaS, and cloud environments, ensuring compliance with data handling policies.
  • Develop and optimize SPL queries, dashboards, and alerts to improve search efficiency and meet business needs.
  • Provide expert guidance and support to engineers, SREs, and SecOps teams on best practices for using Splunk and troubleshooting issues.
  • Continuously improve system configurations to eliminate bottlenecks and enhance data ingestion and search capabilities.
  • Maintain documentation and automate repetitive tasks to streamline operations and support business continuity.

Qualifications:

  • 3–5+ years of hands-on experience in administering Splunk Enterprise at a multi-TB/day scale, including expertise in indexer clustering and search head clustering.
  • Proven ability in SPL and performance tuning, including knowledge of tstats, data models, accelerations, and search optimization.
  • Extensive experience with data onboarding techniques using forwarders, syslog, and HTTP Event Collector (HEC).
  • Strong proficiency in Linux administration and scripting with bash or Python.
  • Understanding of networking and TLS fundamentals, with experience managing NFS-backed indexers.
  • Excellent communication skills with a focus on customer enablement and documentation.
  • Desirable: Splunk Architect certification; experience with Splunk Enterprise Security (ES), IT Service Intelligence (ITSI), Machine Learning Toolkit (MLTK), and Splunk SOAR.
  • Familiarity with data science and machine learning concepts is a plus.
  • Ability to work effectively in a hybrid environment, balancing on-site and remote responsibilities.
  • Commitment to maintaining a high standard of compliance with audit and data handling policies.

Pay Range: $55.00 – $60.00 Hourly

This position offers a hybrid schedule, allowing for a balanced approach between on-site and remote work.