Splunk Consultant

Remote: Full Remote

Offer summary

Qualifications:

  • Extensive experience with Splunk Enterprise, including data onboarding and dashboard development.
  • Proficiency in Search Processing Language (SPL) for creating custom queries and reports.
  • Knowledge of security frameworks and experience with cloud-based Splunk solutions.
  • Familiarity with scripting languages and integration with external tools.

Key responsibilities:

  • Design and implement Splunk architecture solutions based on business requirements.
  • Onboard new data sources and ensure proper indexing and normalization of log data.
  • Create dashboards, visualizations, and set up proactive alerts for monitoring.
  • Provide support for Splunk-related issues and document processes for user training.

Workiy Inc. Information Technology & Services SME https://www.workiy.com/
11 - 50 Employees

Job description

This is a remote position.


We are seeking a skilled Splunk Consultant to assist in designing, implementing, and optimizing Splunk-based solutions to support data analysis, monitoring, and security operations. The ideal candidate will have extensive experience with Splunk Enterprise, including data onboarding, dashboard development, alerting, and SPL (Search Processing Language). You will work closely with IT, Security, and Business teams to ensure effective data-driven decision-making and system visibility.

Key Responsibilities:

Design & Architecture:

Develop and implement Splunk architecture solutions tailored to business and technical requirements.

Plan and execute data ingestion strategies, including parsing, transformation, and enrichment of data sources.

Data Onboarding & Integration:

Onboard new data sources into Splunk via forwarders, APIs, syslog, and other connectors.

Ensure proper indexing, parsing, and normalization of log data.

Searches, Dashboards & Reports:

Create custom SPL queries, dashboards, visualizations, and reports based on user needs.

Optimize existing queries for performance and relevance.

Monitoring & Alerting:

Set up proactive alerts and thresholds for system monitoring and security use cases.

Develop automated responses using Splunk alerting and integration with external tools (e.g., ServiceNow, PagerDuty).

Security & Compliance:

Implement and support Splunk Enterprise Security (ES) or IT Service Intelligence (ITSI) as required.

Assist with compliance reporting, audit logs, and data retention strategies.

Troubleshooting & Support:

Provide Tier 2/3 support for Splunk-related issues and performance tuning.

Collaborate with infrastructure teams to ensure high availability and scalability.

Documentation & Training:

Document configurations, processes, and procedures.

Train users and internal teams on Splunk best practices and usage.

Preferred Skills:

  • Splunk certifications (e.g., Splunk Core Certified Power User, Admin, Architect).
  • Experience with cloud-based Splunk (e.g., Splunk Cloud Platform).
  • Knowledge of security frameworks (e.g., MITRE ATT&CK, NIST, ISO 27001).
  • Familiarity with scripting languages (e.g., Python, Bash).
  • Integration experience with tools like ServiceNow, Jira, or third-party SIEMs.



Required profile

Industry: Information Technology & Services
Spoken language(s): English

Other Skills

  • Security Policies
  • Training And Development
