Levy Professionals
We are looking for…
We are seeking a Splunk Platform Engineer to own, operate, and optimize our on-prem and hybrid Splunk platform. You will support enterprise logging, security monitoring (SIEM), and observability capabilities to empower our Security Operations, IT Operations, and Application teams with high-quality telemetry and actionable insights.
Outcomes of the project
- Platform Resilience: Architecture, deployment, and management of Indexer clusters, Search Head clusters, and Forwarders to ensure high availability and disaster recovery.
- Data Optimization: Successful design of index strategies and retention policies that control ingestion volume and ensure CIM compliance.
- Security Enablement: Effective tuning of Splunk Enterprise Security (ES) and maintenance of threat detection coverage aligned to MITRE ATT&CK.
- Hybrid Integration: Seamless integration of Splunk Observability Cloud with on-prem environments to enable APM and infrastructure monitoring.
- Governance: Precise license management and capacity planning to provide clear KPI reporting to stakeholders.
You will:
- Perform version upgrades, patching, and lifecycle management for Splunk Enterprise.
- Optimize search performance, dashboard load times, and resource utilization.
- Implement correlation searches, risk-based alerting, and notable event workflows.
- Support Kubernetes, cloud workloads, and application telemetry pipelines.
- Manage data governance, compliance controls, and ingestion forecasting.
Experience
- Proven track record in Splunk Enterprise architecture, including multi-site clustering and deployment server configuration.
- Deep experience in Data Optimization, specifically with SPL performance tuning, Data Model Acceleration (DMA), and storage tiering.
- Hands-on experience with Splunk Enterprise Security (ES) and Risk-Based Alerting (RBA).
- Familiarity with Splunk Observability Cloud and OpenTelemetry pipelines.
Profile
- Technical Specialist: Strong skills in Linux/Windows server administration and scripting (Python, Bash, or PowerShell).
- Automation Mindset: Familiarity with Infrastructure as Code (Ansible or Terraform) is highly preferred.
- Analytical: Ability to map threat frameworks (MITRE ATT&CK) and integrate SOC processes.
- Communicator: Capable of translating platform KPIs into actionable reports for leadership.
About Levy Professionals
Since 2000, we have provided professional solutions to organizations ranging from tech start-ups to global players. From our offices in Amsterdam and London, we have built an international and local network of skilled employed professionals and contractors, fueled by our passion for connecting skills with projects. Over the years, we have fulfilled over 1,700 requirements and consistently have 250+ professionals recruited and relocated from 14 countries allocated to various projects. Our strength is the way that we see and treat people. This will always be a key factor in our strategy for many years to come.


