Splunk SME (W2)

Role: Splunk SME (12+Year) Location: Remote Duration: 12+ Months MOI: Video Role Overview: We are seeking a highly experienced Splunk SME to lead the design, implementation, and optimization of Splunk-based observability and security analytics solutions across enterprise environments. The ideal candidate will have deep expertise in Splunk Enterprise, ITSI, ES, and cloud integrations, and will play a key role in enabling full-stack visibility, proactive monitoring, and threat detection for mission-critical applications. Key Responsibilities: Architect and manage large-scale Splunk deployments (Enterprise & Cloud). Lead data onboarding from diverse sources including syslog, REST APIs, cloud services, and containers. Design and implement ITSI services, KPIs, and service health dashboards. Develop advanced SPL queries, dashboards, alerts, and correlation searches. Integrate Splunk with cloud platforms (AWS, Azure, GCP) and third-party tools (e.g., Datadog, ServiceNow). Collaborate with DevOps, SRE, and Security teams to enable observability and SIEM use cases. Conduct performance tuning, capacity planning, and health checks of Splunk infrastructure. Ensure CIM compliance and data model alignment for security and IT operations. Mentor junior engineers and contribute to Splunk best practices and governance. Required Skills & Qualifications: 10+ years of hands-on experience with Splunk Enterprise and Splunk Cloud. Strong expertise in ITSI, ES, UBA, and custom app development. Proficiency in SPL, Python, Shell scripting, and Splunk SDKs. Experience with cloud-native observability and security integrations. Familiarity with DevOps tools (Git, Jenkins, Terraform, Ansible). Excellent problem-solving, communication, and stakeholder management skills. Preferred Certifications: Splunk Certified Architect Splunk Certified ITSI Implementation Splunk Certified Enterprise Security Admin AWS/Azure/GCP Cloud Certifications