Splunk Engineer

Title: Splunk Engineer Location: Reston, VA Duration: 12 Months Contract Interview: Phone & F2F Final Rate: $45/hr W2 & $50/hr C2C all inc Key Responsibilities: • Experience: Proven experience as a Splunk Administrator and Developer. You should be comfortable with both the administrative and development aspects of the Splunk platform. • Troubleshooting: Strong problem-solving skills with the ability to diagnose and resolve complex Splunk issues. • Cloud: Solid understanding of AWS and experience integrating AWS services like CloudTrail, CloudWatch, and S3 with Splunk. • Scripting: Proficiency in Python for automating Splunk tasks, data enrichment, and API integrations. • Security: A deep understanding of enterprise security concepts and experience using Splunk for threat detection and incident response. • Diagnose and resolve complex Splunk issues related to performance, search, and indexing. • Monitor Splunk's health and proactively implement solutions to improve system reliability and uptime. • Performance Tune the environment by optimizing search queries, improving indexing strategies, and enhancing data ingestion processes. • Develop and implement custom Splunk dashboards and visualizations that translate complex data into clear, actionable insights for security and business stakeholders. • Collaborate with teams to understand their requirements and build dashboards that address specific security and operational needs. • Leverage Splunk Enterprise Security (ES) to build and maintain threat detection and incident response capabilities. • Create and fine-tune correlation searches and risk-based alerts to identify and respond to security threats effectively Log Integration • Onboard and integrate logs from a wide range of sources, including servers, cloud platforms (AWS), applications, and security tools. • Normalize and parse raw data using props.conf and transforms.conf to ensure consistency and usability.