About the role
As a Splunk Engineer with AWS expertise, you will play a critical role in designing, implementing, and maintaining Splunk solutions within AWS cloud environments. You will engage in cross-functional collaboration to ensure the seamless integration of Splunk with AWS services and to provide valuable insights into system performance, security, and operational efficiency.
What you'll do
- Design, deploy, configure, and maintain Splunk infrastructure within AWS environments, including the setup of indexers, forwarders, and search heads
- Develop and implement Splunk data ingestion strategies for AWS services such as EC2, S3, Lambda, CloudWatch, VPC Flow Logs, and more
- Create custom Splunk searches, dashboards, reports, and alerts tailored to AWS-specific use cases and business requirements
- Collaborate with AWS architects and engineers to optimize Splunk deployments for scalability, reliability, and cost-effectiveness
- Integrate Splunk with AWS security services such as AWS CloudTrail, AWS Config, and AWS Security Hub to enhance threat detection and incident response capabilities
- Leverage Splunk's Machine Learning Toolkit (MLTK) to build predictive models and anomaly detection algorithms for AWS environment monitoring
- Implement and maintain Splunk apps and add-ons designed for AWS integration, such as AWS App for Splunk and AWS Add-on for Splunk
- Develop and maintain automation scripts for Splunk deployment, configuration, and management tasks using AWS CloudFormation, AWS CLI, or other automation tools
- Provide technical expertise and support to troubleshoot Splunk-related issues, performance bottlenecks, and integration challenges within AWS environments
- Stay abreast of AWS best practices, new services, and security updates, and ensure alignment with Splunk deployment strategies and configurations
- Stay updated with emerging cloud technologies, industry trends, and best practices in cloud computing and data management
Qualifications
- DOJ experience with an active clearance (Public Trust)
- Bachelor's degree in related discipline OR 12 years of on-the-job experience
- 4 years' experience in specialized cloud technologies
- Splunk Certifications - One or more of the following: Cloud Certified Admin, Core Certified User, Enterprise Certified Admin
- AWS Certifications - One or more of the following: Solutions Architect Associate, SysOps Administrator Associate, Certified Developer
- Proven experience working as a Splunk Engineer with a focus on AWS integration and deployment
- Strong understanding of AWS services and architecture, with hands-on experience in deploying and managing AWS resources
- In-depth knowledge of Splunk Enterprise, including SPL (Splunk Processing Language), data modeling, and search optimization
- Proficiency in scripting and automation using languages such as Python, PowerShell, or Shell scripting
- Experience with AWS security best practices, IAM (Identity and Access Management), encryption, and compliance standards
Salary Range: $135,000-$155,000 based on experience and qualifications