Splunk Engineer

Kiya.ai
Pune | 12-22 LPA | Posted 25 Jun 2025
FULL TIME
Bash
Python
PowerShell

Job Description

Senior Splunk Engineer

Company: Kiya.ai

About the Role:

We're looking for a Splunk Level 3 Engineer with a strong Linux background to design, implement, and optimize Splunk solutions for enterprise-level security, observability, and operational intelligence. You'll play a key role in developing and maintaining a high-performing Splunk environment, ensuring real-time monitoring, analytics, and automation across IT infrastructure and security domains.

Key Responsibilities:

Splunk Architecture & Administration:

  • Design, deploy, and manage large-scale Splunk environments (Enterprise Security, ITSI, Observability, Cloud, or Hybrid).
  • Configure and optimize Splunk components such as indexers, search heads, forwarders, and clustering.
  • Implement best practices for data ingestion, parsing, and indexing to ensure high availability and performance.

Security & Observability:

  • Develop and manage Splunk dashboards, alerts, and reports for security monitoring (SIEM), IT operations, and business analytics.
  • Integrate Splunk with various security tools (SOAR, EDR, Firewalls, IDS/IPS) to enhance threat detection and response.
  • Implement anomaly detection, predictive analytics, and correlation searches.
  • Implement logging best practices for Linux servers, applications, and containers.

Automation & Optimization:

  • Automate Splunk deployments using Infrastructure-as-Code (IaC) tools such as Ansible, Terraform, or Python scripts.
  • Tune searches, optimize queries, and improve system efficiency to handle high-volume data ingestion.
  • Develop Splunk apps and custom scripts for data enrichment and automation.

Collaboration & Support:

  • Work closely with Security, DevOps, and Infrastructure teams to integrate Splunk into enterprise workflows.
  • Provide technical leadership, mentorship, and training to junior Splunk engineers.
  • Troubleshoot Splunk performance issues, logs, and data pipeline challenges.

Qualifications & Skills:

Must-Have:

  • 5+ years of hands-on Splunk engineering experience (design, deployment, tuning, and troubleshooting).
  • Expertise in Splunk architecture, SPL (Search Processing Language), and dashboard development.
  • Experience with Splunk Enterprise Security (ES), IT Service Intelligence (ITSI), or Splunk Observability Suite.
  • Strong scripting skills (Python, Bash, PowerShell) for automation and data enrichment.
  • Familiarity with Linux security hardening and system auditing.

Preferred:

  • Experience with cloud-based Splunk (AWS, Azure, GCP) and integrations with cloud-native logging solutions.
  • Familiarity with Infrastructure-as-Code (Terraform, Ansible) and CI/CD pipelines.
  • Certifications such as Splunk Certified Admin, Splunk Certified Architect, Splunk Certified Security Analyst, or RHCE (Red Hat Certified Engineer).
