Splunk Engineer; Remote

⭐ - Featured Role | Apply direct with Data Freelance Hub

This role is for a Splunk Engineer (Remote) on a 6‑month contract, offering a competitive pay rate. Key skills include Splunk administration, data ingestion, performance tuning, and AI/ML integration. Experience with Linux/Windows servers and security protocols is required.

Location:

Remote, Louisville, KY (United States)

Job Type: Contract | Duration: 6 months

• Design large‑scale, geo‑distributed Splunk environments (SHC, Indexer Clustering, DS).
• Optimize data ingestion, indexing pipelines, search performance, and manage data retention (buckets).
• Build, accelerate, and troubleshoot complex data models for ITSI.
• Apply CIM best practices and incorporate into ITSI.
• Develop advanced SPL for complex analytics using stats, transaction, timechart, eval, rex, macros, and data enrichment.
• Model complex IT services, entity types, and dependencies in ITSI.
• Create, tune, and manage KPIs (metric & event) and dynamic thresholds; anomaly detection.
• Define and monitor entity health for complex infrastructure.
• Design impactful real‑time Glass Tables for different audiences.
• Correlate raw events into service‑impacting alerts (Service Analyzer, MITs).
• Implement advanced ITSI alerting, integration with ITSM (Service Now), and manage alert fatigue.
• Diagnose missing data, slow KPIs, and alert storms in an ITSI environment.
• Use ITSI’s built‑in ML for anomaly detection (seasonality, thresholds) and predictive alerting.

• Experience in field extractions and transformations using Reg Ex in Splunk.
• Installing, configuring and administering Splunk Enterprise on Linux and Windows servers.
• Installation and implementation of the Splunk App for Enterprise Security with best‑practice documentation and knowledge transfer.
• Installing Universal Forwarders and Heavy Forwarders to ingest data fields into Splunk.
• Writing Splunk queries; searching, monitoring, analyzing, and visualizing Splunk logs.
• Alert handling and generation of standard availability and performance reports.
• Root‑cause analysis of post‑production performance issues via Splunk tools.
• Designing, optimizing and executing Splunk‑based enterprise solutions.
• Customizing Splunk dashboards, visualizations, configurations using custom queries.
• Monitoring Splunk infrastructure for capacity planning, scalability, and optimization.
• Using Splunk-DB Connect for real‑time data integration between Splunk Enterprise and other databases.
• Actuate reporting: development, deployment, management, and performance tuning.
• Monitoring license usage, indexing metrics, index performance, forwarder performance, and configuring Syslog forwarding to Splunk via TCP/UDP.
• Subject‑matter expertise in best practices, security protocols, KPIs, and related security issues.

Freelance data hiring powered by an engaged, trusted community — not a CV database.

85 Great Portland Street, London, England, W1W 7LT