Splunk Consultant/Architect

Job Title: Senior Splunk Consultant
Experience Required: 10+ Years
Certification: Splunk Consultant-Level Certification

Job Summary:

We are looking for a highly experienced Splunk Consultant with over 10 years of expertise in designing, deploying, and managing large-scale Splunk environments. The ideal candidate should possess consultant-level certifications and be proficient in delivering end-to-end Splunk solutions for enterprise clients. This role involves client interaction, architecture planning, implementation, optimization, and mentoring junior engineers.

Key Responsibilities:

• Lead the architecture, design, deployment, and configuration of Splunk Enterprise and Splunk Cloud environments.

• Define data onboarding strategy and configure complex parsing and indexing solutions.

• Develop custom dashboards, alerts, reports, and visualizations using SPL.

• Work closely with cybersecurity, operations, and application teams to integrate and correlate data sources.

• Perform capacity planning, health checks, performance tuning, and upgrades.

• Create and maintain documentation, including SOPs, architecture diagrams, and deployment guides.

• Act as a trusted advisor for Splunk best practices, licensing, and scaling strategies.

• Train and mentor junior team members and client staff on Splunk usage and management.

• Assist with security monitoring, incident detection, and compliance initiatives (eg, PCI, HIPAA, SOC2).

Required Skills and Experience:

• Minimum 10 years of total IT experience with 7+ years dedicated to Splunk.

• Splunk Consultant-level certification (eg, Splunk Certified Consultant I/II, Architect).

• Hands-on experience with Splunk Enterprise Security (ES) and ITSI modules.

• Strong knowledge of SPL (Search Processing Language).

• Deep understanding of data ingestion, field extractions, lookup tables, data models, and accelerations.

• Expertise in integrating various data sources including syslog, APIs, and databases.

• Experience with Linux/Unix environments and Scripting (Python, Bash, or PowerShell).

• Familiarity with cloud platforms (AWS, Azure, GCP) and their logging ecosystems.

• Proven experience in leading complex Splunk projects and client engagements.

Preferred Skills:

• Experience with automation/configuration tools (eg, Ansible, Terraform).

• Knowledge of other SIEM platforms for comparative insight.

• Familiarity with DevOps/CI-CD tools and monitoring integrations.