Senior Splunk Core & Enterprise Security (ES) Consultant
Job description
Long-term engagement focused on maintaining and enhancing Splunk Core and Enterprise Security (ES) environments. Consultant will also support ITSI (IT Service Intelligence) implementation and configuration. Requires certified Splunk professional with both operational and implementation expertise.

- Maintain and support Splunk Core infrastructure and Enterprise Security (ES) environments
- Monitor system performance, health, and data ingestion pipelines
- Troubleshoot and resolve issues related to Splunk deployments and integrations
- Implement, configure, and optimize ITSI (IT Service Intelligence) modules
- Assist with onboarding data sources and creating dashboards, alerts, and reports
- Ensure security use cases and correlation searches are functioning effectively
- Collaborate with client teams to enhance observability and security monitoring capabilities
- Provide best practices for Splunk architecture, scalability, and performance tuning
Requirements
- 10+ years of experience (minimum)
- Splunk Core Consultant Certification (mandatory)
- Splunk Enterprise Security (ES) Certification (mandatory)
- ITSI Accreditation (mandatory)
- Strong hands-on experience with Splunk Core and ES environments
- Experience maintaining and supporting enterprise-level Splunk deployments
- Solid understanding of SIEM concepts and security monitoring
- Experience with data onboarding, parsing, and knowledge objects (searches, dashboards, alerts)
- Strong troubleshooting and performance tuning skills
Desired
- Experience with large-scale or multi-tenant Splunk environments
- Familiarity with cloud integrations (AWS, Azure, etc.)
- Experience in IT operations, observability, or SecOps environments
- Knowledge of scripting (Python, Shell) for automation
- Strong communication and stakeholder management skills