Sr Splunk Engineer
No 3rd Parties or Sponsorships
Onsite
Location: Bensalem, PA
4+ Months
Great Company
Unlimited Growth
*Very Specific Skill Set
Scope: This role is responsible for engineering, deploying, configuring, and validating a multi-site, highly available Splunk Enterprise platform and extending it with Splunk Enterprise Security (ES). The engineer handles platform buildout, data onboarding, CIM alignment, ES enablement, tuning, and operational readiness.
· Design and implement a multi-site, highly available Splunk Enterprise deployment including Cluster Manager, License Master, Deployer, Deployment Server, Monitoring Console, and a multi-site indexer cluster.
· Deploy and configure Universal Forwarders and Heavy Forwarders. Build deployment apps, server classes, and automated rollout scripts.
· Onboard and validate data sources (e.g. Windows, Firewall, Cloud) and ensure proper CIM alignment.
· Configure custom indexes, authentication (LDAP/SAML), SMTP relay, and load balancer requirements.
· Install, configure, and operationalize Splunk Enterprise Security (ES).
· Validate ES data model acceleration, correlation searches, dashboards, notable events, and use case logic.
· Tune correlation searches, thresholds, data models, and platform performance.
· Ensure ES content integration with the underlying Splunk Enterprise deployment.
· Produce as-built documentation, architecture diagrams, runbooks, tuning guidance, and operational procedures.
· Validate ingest pipelines, cluster stability, search performance, CIM compliance, and ES functionality.
· Provide technical knowledge transfer and hands-on enablement to customer engineering teams.
Required Skills & Experience
Splunk Enterprise engineering in distributed, clustered environments.
Direct experience deploying and tuning Splunk ES in production settings.
Strong ability to onboard diverse data sources and perform CIM alignment.
Linux administration and enterprise networking fundamentals.
Experience with authentication systems (LDAP, SAML).
Strong documentation and operationalization skills.
Preferred Qualifications
Splunk Admin, Architect, or ES Specialist certifications.
Experience in large-scale or multi-site enterprise deployments.
Familiarity with security operations workflows and SIEM tuning.