Splunk ES Engineer / Admin (Data Engineer)
Location: San Jose, CA (Hybrid – 3 days per week onsite)
Contract Duration: 5 months
Hours: Full-time (40 hours/week)
Max Rate: $99.13 USD/hour
Work Authorization: W2 only – No H-1B or Sub-contracting
Role Overview
We are seeking an experienced Splunk expert to join on a short-term contract and help stabilize, optimize, and enhance our Splunk environment. The focus will be on performance optimization, data reliability, integrations, usability, and governance — ensuring Splunk effectively supports our security, compliance, and analytics needs.
Key Responsibilities
Search & Performance Optimization
- Enhance search speed and efficiency across large datasets.
- Implement caching, tuning, and best practices to minimize redundant or expensive searches.
- Improve workflows so analysts can reuse or pivot results efficiently.
Data Integration & Reliability
- Strengthen the reliability of Splunk data pipelines for exports and integrations.
- Support real-time or near-real-time data flows.
- Improve stability of indexing, clustering, and correlation searches.
Governance & Lifecycle Management
- Review and rationalize knowledge objects (saved searches, lookups, dashboards).
- Monitor field drift and schema changes impacting detections.
- Define governance processes for detection lifecycle, versioning, and validation.
- Align Splunk governance with enterprise data policies (access, retention, auditability).
Advanced Capabilities & Usability
- Enable notebook-style investigation support for collaboration and reproducibility.
- Explore inline data transformation and ML/AI-driven capabilities.
- Provide guidance on best practices for detection-as-code and CI/CD integrations.
Required Skills & Experience
- 9–12 years of overall experience.
- Strong hands-on experience with Splunk Enterprise / Enterprise Security administration and development.
- Expertise in SPL optimization, indexing, and performance tuning.
- Experience with data integration and pipeline reliability.
- Familiarity with data governance practices (knowledge object hygiene, schema evolution, access & retention policies).
- Proficiency in Python or scripting for automation and advanced data handling.
Nice-to-Have Skills
- Experience in detection engineering and detection-as-code frameworks.
- Background in ML/AI capabilities within Splunk or adjacent tools.
- Understanding of compliance frameworks and their impact on Splunk governance.
