Senior Splunk Engineer - Apton Inc

Job Description

We are seeking an experienced Senior Splunk Engineer with deep expertise in Splunk Enterprise, Splunk Cloud, and Splunk ES/ITSI to support enterprise-scale monitoring, observability, and security operations. The ideal candidate will have strong hands-on experience in designing, deploying, and managing distributed Splunk environments, with proven knowledge in automation, cloud integration, and SIEM solutions.

Responsibilities

• Design, deploy, and manage large-scale Splunk Enterprise/Cloud environments (indexers, search heads, deployment servers, forwarders).
• Build and optimize dashboards, reports, alerts, and correlation searches for operational, business, and security use cases.
• Configure and maintain Splunk ES and ITSI, creating service maps, KPIs, and predictive alerting.
• Onboard diverse data sources (syslogs, cloud telemetry, application logs, SNMP, Kafka, Kubernetes, etc.).
• Implement role-based access control (RBAC) and ensure compliance with PCI, SOX, and security standards.
• Develop custom Splunk Apps, TAs, and RESTful APIs; integrate with third-party systems (ServiceNow, IDS/IPS, Firewalls).
• Use Python, Ansible, and AWS Lambda for automation and operational efficiency.
• Deploy and manage Splunk in AWS, Azure, and Google Cloud Platform; integrate with observability platforms like SignalFx and Dynatrace.
• Build monitoring and automation using CloudFormation, Terraform, and Spinnaker.
• Perform SPL query optimization for performance and train users in best practices.
• Provide support for SIEM use cases, incident response, and SOC threat hunting.

Required Skills & Experience

• 10+ years of IT experience, with 6+ years dedicated to Splunk engineering and administration.
• Strong experience with Splunk Enterprise, Splunk Cloud, Splunk ES, and Splunk ITSI.
• Expertise in SPL, field extraction, regex, data modeling, and CIM compliance.
• Proven knowledge of SIEM, log management, and security monitoring.
• Hands-on experience with AWS, Azure, Google Cloud Platform, including integration with Splunk.
• Strong scripting skills in Python, Ansible, and automation tools.
• Experience with Docker, Kubernetes, Kafka, Elasticsearch, Dynatrace, and SignalFx.
• Familiarity with networking concepts (TCP/IP, OSPF, NetFlow, SNMP, ICMP).
• Certification: Splunk Admin (preferred).
• Master s degree in Computer Science or related field.

Nice to Have

• Experience with SOAR automation and incident playbooks.
• Exposure to service assurance in Telecom/Healthcare domains.
• Strong leadership skills with ability to mentor junior engineers.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.