Experience required - 6+ years
We are looking for a Full-Stack Splunk Engineer to deliver end-to-end Splunk platform services, covering pre-sales advisory, architecture design, implementation, development, optimization, and ongoing support. The role requires strong technical depth, customer-facing skills, and ownership of the complete Splunk lifecycle to drive measurable business outcomes.
Key Responsibilities
- Engage customers during pre-sales and solution advisory to understand business challenges and define Splunk use cases aligned with IT, Security, and business outcomes.
- Design and size scalable Splunk architectures across Cloud, On-Prem, and Hybrid environments.
- Deliver tailored Splunk demos, presentations, and proof-of-value (PoV) engagements demonstrating business impact and ROI.
- Lead end-to-end data onboarding and integration for logs, metrics, and events using Splunk best practices.
- Develop SPL searches, alerts, dashboards, and visualizations for executive, operational, and security use cases.
- Engineer and operationalize use cases across Security Operations, ITOps, Observability, and Business Analytics.
- Implement, expand, and manage Splunk platforms including UF, HF, Indexers, Search Heads, and clustering.
- Plan and execute Splunk upgrades, migrations, and platform modernization with minimal business disruption.
- Optimize platform performance, search efficiency, and license utilization.
- Provide L2/L3 support, health checks, incident response, and continuous platform optimization as part of managed services.
Required Skills & Experience
- Strong hands-on experience with Splunk Enterprise and/or Splunk Cloud.
- Expertise in SPL, distributed Splunk architecture, data onboarding, and performance tuning.
- Experience with Linux/Unix systems, scripting (Python/Bash), and REST/API integrations.
- Proven ability to independently own end-to-end Splunk implementations.
- Strong communication and presentation skills for customer-facing engagements.
Preferred Qualifications
- Splunk certifications (Admin, Power User, Architect, ES preferred).
- Experience with Splunk Enterprise Security, Observability, or cloud platforms.
- Background in system integration, managed services, or consulting environments is a plus.
