Splunk Engineer

Job OverviewWe are seeking a highly skilled and motivated Engineer to join our dynamic team. The ideal candidate will have a strong foundation in engineering principles, with a particular emphasis on quantum engineering. This role involves designing, developing, and implementing innovative solutions to complex engineering challenges. The Engineer will collaborate with cross-functional teams to ensure projects are completed efficiently and effectively. Job Description: Keeping a multi-site Splunk Enterprise (indexer clustering + SHC) healthy: upgrades/patching, daily/weekly health checks, capacity & license management, DR tests. Onboarding data cleanly and securely: forwarders/syslog/HEC; sourcetypes, props/transforms, timestamping/line-breaking, field extractions, retention. Improving performance and reliability: monitor ingestion/search performance, queues, storage/bucket health; remove bottlenecks; tune searches and data models. Enabling users: create/optimize SPL searches, dashboards, alerts; advise engineers, SREs, and SecOps on best practices and troubleshooting. The most important duties are Operate and harden a multi-site Splunk Enterprise environment (indexer clustering, SHC, deployer/deployment server, RBAC, app lifecycle). Monitor and tune ingestion, search, and storage (RF/SF validation; bucket health; NFS tuning; queue depths). Lead data onboarding projects across on-prem, SaaS, cloud (Azure/AWS), K8s; ensure auditability and data-handling policy compliance. Build/optimize SPL, dashboards, alerts; coach consumers on SPL and performance patterns (tstats, accelerations, base/inline searches). Maintain DR posture and execute/verify failovers. What this job needs to be successful is (traits and characteristics) 3–5+ years administering Splunk Enterprise at multi-TB/day scale, including indexer clustering and SHC in multi-site deployments. Expert SPL and performance tuning (tstats, data models/accelerations, search optimization). Deep data-onboarding Mskills (forwarders/syslog/HEC) and props.conf/transforms.conf mastery (timestamps, line-breaking, field extraction, value normalization). Strong Linux admin + scripting (bash, Python); networking/TLS fundamentals. Experience with NFS-backed indexers (operational tuning/gotchas). Clear communicator with a customer-enablement mindset; documents well; bias for automation. Nice-to-have: Splunk Architect cert; experience with ES, ITSI, MLTK, and SOAR; familiarity with data-science/ML concepts (to partner with teams, not to lead research). Job Type: Contract Pay: $50.04 - $55.29 per hour Application Question(s): Are you open for Three Months position? Experience: Splunk: 4 years (Required) Ability to Commute: San Jose, CA 95110 (Required) Work Location: In person