Dragonfli Group

Cybersecurity SME – Splunk

contract

Location Type: Remote

Location: Remote • 🇺🇸 United States


Job Level

Mid-Level, Senior

Tech Stack

Cloud, JavaScript, Python, Splunk, SQL

About the role

  • Architect, configure, and maintain large-scale Splunk Enterprise and Splunk Cloud environments.
  • Manage and automate Splunk knowledge objects including fields, extractions, tags, lookups, event types, workflow actions, macros, and aliases across environments.
  • Develop, tune, and optimize complex SPL (Search Processing Language) queries, dashboards, and alerts for operational visibility and reporting.
  • Lead system upgrades, patching, and performance tuning across clustered Splunk infrastructures.
  • Integrate Splunk with external systems and data sources using REST APIs, scripting, and automation frameworks.
  • Design and develop automated workflows and dashboard interfaces to streamline system management.
  • Collaborate with DevOps and Security teams to maintain secure, reliable, and compliant data pipelines.
  • Document architecture, configurations, and procedures for continuous improvement and audit readiness.
  • Provide mentorship to junior engineers and contribute to the knowledge base of the monitoring platform.
  • Participate in after-hours maintenance windows and on-call support rotations as needed.

Requirements

  • 5+ years of direct experience with Splunk Enterprise or Splunk Cloud administration, deployment, and architecture.
  • Strong understanding of knowledge object management (.conf and .cfg file structures) across recent Splunk versions.
  • Proven ability to write, optimize, and debug SPL queries, dashboards, and alerts.
  • Experience with Splunk deployment server, index clustering, and search head clustering.
  • Hands-on experience with REST API integration between Splunk and external tools.
  • Proficiency in scripting languages such as Python, Bash, PowerShell, JavaScript, and SQL for automation and integration.
  • Experience with automation frameworks and CI/CD practices for configuration management.
  • Excellent troubleshooting and performance tuning skills for large-scale environments.
  • Strong communication and documentation skills with the ability to convey complex technical topics clearly.
  • Must be a U.S. Citizen or Permanent Resident and reside within the continental United States.

Benefits

  • Insurance - health, dental, vision
  • PTO & 11 Federal Holidays
  • 401(k), employer match

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
Splunk Enterprise, Splunk Cloud, SPL (Search Processing Language), REST APIs, Python, Bash, PowerShell, JavaScript, SQL, automation frameworks
Soft skills
troubleshooting, performance tuning, communication, documentation, mentorship