Splunk Developer
We are seeking an experienced Splunk Developer – Technical Lead with strong hands‐on expertise in Splunk Enterprise, IT Service Intelligence (ITSI), and Observability. The role requires deep technical knowledge combined with design leadership, stakeholder engagement, and production responsibility across complex enterprise platforms.
The candidate will lead Splunk solution design, mentor junior developers, and work closely with operations, SRE, and application teams to deliver scalable monitoring, service health, and analytics solutions.
Key Responsibilities
Technical Leadership
Act as Technical Lead for Splunk implementations across monitoring, observability, and service intelligence use cases.
Own end‐to‐end Splunk solution design including data onboarding, data models, dashboards, alerts, and ITSI objects.
Review and govern Splunk development standards, SPL performance, and configuration best practices.
Provide technical guidance, mentoring, and code reviews for Splunk developers and support teams.
Splunk Core & ITSI
Design and implement Splunk ITSI components including:
Services & service hierarchies
KPIs & thresholds
Glass Tables
Episode review and correlation search tuning
Build service‐centric monitoring aligned to business and application landscapes.
Configure entity extraction, service templates, and adaptive thresholds.
Data Onboarding & Engineering
Lead onboarding of diverse data sources:
Application logs, infrastructure metrics, APM data, cloud logs, and security events
Design and optimise:
Indexing strategy
Source types and field extractions
Data models and CIM compliance
Ensure SPL queries and dashboards are performant and scalable.
Dashboards, Alerts & Analytics
Develop advanced dashboards using:
Splunk Dashboard Studio / Classic dashboards
Design meaningful alerts using:
Correlation searches
Risk‐based alerting principles
Translate operational and business requirements into actionable insights.
Observability & Production Support
Integrate Splunk with enterprise observability tools (APM, infrastructure monitoring, cloud platforms).
Support production incidents using Splunk, driving root‐cause analysis and post‐incident reviews.
Improve alert quality by reducing noise and false positives.
Stakeholder & Delivery Engagement
Collaborate with:
SRE / Ops teams
Application & platform teams
Service Management & ITIL functions
Translate monitoring requirements into scalable technical solutions.
Participate in architecture discussions, audits, and compliance reviews.
Required Skills & Experience
Splunk Expertise
Strong hands‐on experience with Splunk Enterprise
Proven experience with Splunk ITSI (mandatory):
KPI design and service modelling
Glass Tables
Episode review & RCA workflows
Technical Skills
Excellent command of SPL (Search Processing Language)
Strong understanding of:
Data models & CIM
Index management and performance tuning
Experience integrating Splunk with:
Application, infrastructure, and cloud platforms
Hands‐on experience with alerting, correlation searches, and dashboards.
Leadership & Design
Experience working as Technical Lead / Lead Developer
Ability to own solution design and guide teams end‐to‐end
Strong analytical and problem‐solving skills.
Enterprise & Production Experience
Experience working in large‐scale enterprise environments (Banking / Financial Services preferred)
Exposure to incident management, operational resilience, and ITIL processes
Comfortable working in regulated and audit‐driven environments.
Good to Have
Splunk Observability (APM, Infrastructure Monitoring) exposure
CI/CD integration for Splunk content (Git, Jenkins, DevOps pipelines)
Cloud platforms (AWS / Azure / GCP) log and metric ingestion
Splunk certifications (Power User, Admin, ITSI)
Experience with automation and scripting (Python, Shell).
Soft Skills
Strong communication and stakeholder‐handling skills
Ability to explain complex technical concepts to non‐technical audiences
Ownership mindset and delivery focus
Mentoring and team‐building experience.
Role Level
Senior Developer / Technical Lead (L3/L4 equivalent)