Position Overview: We are seeking an experienced and highly skilled Splunk Operations Engineer to join our dynamic team. As a Splunk Operations Engineer, you will be responsible for advanced troubleshooting, optimization, and the strategic development of Splunk environments. You will work closely with other IT and security teams to ensure the reliability, performance, and scalability of Splunk infrastructure.

Key Responsibilities:

• Advanced Troubleshooting: Investigate and resolve complex issues related to Splunk deployments, including performance bottlenecks, data ingestion problems, and search/query performance.
• System Optimization: Analyze and optimize Splunk performance, including indexing, search, and data storage. Implement best practices for tuning and scaling Splunk environments.
• Configuration Management: Oversee and manage advanced configurations of Splunk components, including indexers, search heads, and forwarders.
• Deployment and Upgrades: Plan and execute Splunk upgrades, patches, and installations. Ensure that new deployments are integrated seamlessly into the existing environment.
• Incident Response: Lead the response to major incidents involving Splunk. Coordinate with cross-functional teams to manage and mitigate issues in real-time.
• Capacity Planning: Conduct capacity planning and performance assessments to ensure that the Splunk infrastructure can handle current and future data loads.
• Scripting and Automation: Develop and maintain scripts and automation tools to streamline operations, improve efficiency, and support deployment processes.
• Documentation: Create and maintain comprehensive documentation related to system configurations, processes, and procedures.
• Collaboration: Work closely with IT operations, security teams, and other stakeholders to support and enhance the use of Splunk for security, operational intelligence, and business analytics.
• Training and Support: Provide guidance and support to Tier 1 and Tier 2 engineers, and offer training sessions to enhance team capabilities and knowledge.

• Experience: Minimum of 10 years of experience working with Splunk in an enterprise environment, with at least 3 years in a Tier 3 or equivalent advanced technical support role.
• Certifications: Splunk Certified Power User, Splunk Certified Admin, and/or Splunk Certified Architect are highly desirable.
• Technical Skills:
• Deep understanding of Splunk architecture and deployment strategies.
• Proficiency in Splunk Query Language (SPL) and the ability to write complex queries and reports.
• Experience with Splunk deployment, configuration, and management, including indexers, search heads, and forwarders.
• Strong knowledge of operating systems (Linux/Unix/Windows) and networking principles.
• Experience with scripting languages (e.g., Python, Bash, PowerShell) for automation and troubleshooting.