Nasscomm

Senior Splunk Engineer

This role is for a Senior Splunk Engineer, onsite in Bensalem, PA, for a 3+ month contract. Key skills include Splunk architecture, data ingestion, and security integrations. Experience with LDAP, SAML, and cloud telemetry is required.
🌎 - Country
United States
💱 - Currency
$ USD
💰 - Day rate
Unknown
🗓️ - Date
March 17, 2026
🕒 - Duration
More than 6 months
🏝️ - Location
On-site
📄 - Contract
Unknown
🔒 - Security
Unknown
📍 - Location detailed
Bensalem, PA
🧠 - Skills detailed
#Cloud #Scala #Documentation #SAML (Security Assertion Markup Language) #Security #Splunk #Compliance #Deployment #Data Normalization #Normalization #ETL (Extract, Transform, Load) #Data Ingestion #LDAP (Lightweight Directory Access Protocol) #Monitoring
Role description
Role: Senior Splunk Engineer
Location: Onsite (Bensalem, PA)
Duration: 3+ Months Contract

• Responsible for engineering, deploying, and maintaining a highly available multi-site Splunk Enterprise platform integrated with Splunk Enterprise Security (ES).
• Designed and implemented distributed Splunk architectures including Cluster Manager, License Master, Deployer, Deployment Server, Monitoring Console, multi-site indexer clusters, and search head clusters.
• Deployed and configured Universal and Heavy Forwarders, developed deployment apps, server classes, and automated rollout processes to streamline data ingestion.
• Onboarded diverse data sources such as Windows logs, firewall logs, and cloud telemetry while ensuring proper Common Information Model (CIM) alignment for accurate data normalization.
• Configured custom indexes, authentication integrations including LDAP and SAML, SMTP relay, and load balancer configurations to support secure and scalable operations.
• Installed and operationalized ES, validating data model acceleration, correlation searches, dashboards, notable events, and use case functionality.
• Performed continuous tuning of correlation searches, thresholds, data models, and overall platform performance to improve detection efficiency.
• Ensured seamless ES content integration with the core Splunk environment.
• Validated ingest pipelines, cluster stability, search performance, and CIM compliance.
• Produced architecture diagrams, as-built documentation, operational runbooks, and tuning guidance, while delivering hands-on knowledge transfer and technical enablement to engineering teams supporting ongoing platform operations.