Job Description

Job Title: Splunk Security Engineer/Splunk Engineer

Location: TX/Dallas/Full Remote

Duration: 3 Months

Skills:

• Preferred certification: Splunk Enterprise Security Certified Admin or Splunk Certified Cybersecurity Defense Engineer.
• Proven experience in Splunk architecture, components, and deployment options.
• Hands-on experience with creating custom applications, dashboards, and analytics beyond default Splunk features.
• Strong skills in field extraction, custom event fields, search queries, and correlation searches.
• Demonstrated experience in maintaining security and optimizing performance of Splunk environments.
• Ability to analyze and improve processes, procedures, and documentation for continuous optimization.
• Experience in building threat detections using correlation rules in security logs.
• Strong analytical skills with an eye for identifying areas of improvement.

Job Overview:

We are seeking a skilled Splunk Engineer to join our cybersecurity team, responsible for deploying, configuring, and optimizing Splunk environments across enterprise and government settings. The ideal candidate will have extensive hands-on experience with Splunk Enterprise Security, advanced expertise in Unix/Linux operating systems, and a deep understanding of Splunk architecture, data ingestion, threat detection, and search performance.

Key Responsibilities:

• Deploy, configure, and maintain Splunk components, including search heads, indexers, and forwarders.
• Implement and configure SIEM solutions for Enterprise and Government environments.
• Manage clustered environments with multiple indexers and search heads to ensure high availability and performance.
• Create, customize, and maintain dashboards, reports, correlation searches, and alerts to support security operations.
• Extract and optimize field extractions, multi-value fields, tags, and field aliases for improved data analysis.
• Build high-fidelity threat detection rules using security logs to identify malicious activity.
• Work closely with Security and Platform Engineering teams to onboard new data sources.
• Configure and manage Splunk data ingestion methods, including forwarders, Event Collector (HEC), and scripted inputs.
• Troubleshoot and resolve issues related to Splunk configuration, data ingestion, and search performance.
• Perform major version upgrades for Splunk components deployed on Linux-based systems.
• Ensure the security of Splunk components, including indexes, and regularly update them as needed.

Keywords: Splunk, Cybersecurity, Splunk data ingestion

Job Tags

Similar Jobs