Splunk Engineer
RHO Inc. - Atlanta, GA
Job Description
POSITION: Splunk Engineer
Position location: Atlanta, Georgia Hybrid (TBD Location)

Splunk Search Processing Language (SPL): Strong proficiency in writing complex and optimized queries is fundamental. This includes using transforming commands, eval functions, and subsearches to extract and manipulate data effectively.

Data Ingestion and Management: Skills in collecting, processing, and indexing data from diverse sources (e.g., cloud platforms, servers, applications, endpoints) are crucial. This involves managing forwarders and data inputs.

Dashboard Creation and Visualization: The ability to create meaningful reports, graphs, and interactive dashboards to communicate insights to technical and business teams is essential.

Scripting and Automation: Strong scripting skills, especially in Python, Bash, and PowerShell, are highly valued for automating data collection, processing, and other use cases provided by other teams.

IT Infrastructure Knowledge: A solid understanding of IT systems, networking, and security is necessary to effectively monitor and troubleshoot complex environments.

Hosting Environment: Strong experience in both self-hosted and Splunk GovCloud environments.

Tool Integrations: Experience with integrating with Archer, ServiceNow, Azure, and AWS.

Data Forwarding: Proficiency with managing and configuring data intakes via Syslog-NG, Cribl, AWS Lambda, and Azure Function Apps.

Basic Qualifications: Minimum knowledge, skills, abilities needed

Bachelor’s Degree in Information Systems/Computer Science or related field and 7 years of relevant work experience; OR Master’s Degree and 5 years relevant work experience

Preferred Qualifications: Candidates with these skills will be given preferential consideration:

AI-Specific and Emerging Skills

AI Toolkit (AITK, formerly MLTK): Expertise in using the Splunk AITK to apply predictive analytics, anomaly detection, forecasting, and clustering methods is a key AI-related skill.

Splunk MCP Server: An understanding of how to securely implement the Splunk MCP Server app, as well as its potential impact and limitations.

AI Assistant for SPL: Familiarity with using the generative AI-powered AI Assistant to generate and explain SPL queries using natural language would be nice, but not necessary since it’s not currently available in Splunk GovCloud FedRAMP Moderate or High.

Monitoring AI Application Stacks: The ability to monitor the quality, security, cost, and performance of AI agents, Large Language Models (LLMs), and underlying infrastructure would be nice to have.
Created: 2026-04-02