Metasys Technologies
Splunk SME (Subject Matter Expert)
Metasys Technologies, Myrtle Point, Oregon, United States, 97458
Splunk SME (Subject Matter Expert) – Location: Remote for the right candidate • Type: Contract-12 months
Client is seeking a highly experienced Splunk SME to lead the design, implementation, and optimization of Splunk-based observability and security analytics solutions across enterprise environments. The ideal candidate will have deep expertise in Splunk Enterprise, ITSI, ES, and cloud integrations, and will play a key role in enabling full-stack visibility, proactive monitoring, and threat detection for mission-critical applications.
Key Responsibilities
Architect and manage large-scale Splunk deployments (Enterprise & Cloud).
Lead data onboarding from diverse sources including syslog, REST APIs, cloud services, and containers.
Design and implement ITSI services, KPIs, and service health dashboards.
Develop advanced SPL queries, dashboards, alerts, and correlation searches.
Integrate Splunk with cloud platforms (AWS, Azure, GCP) and third-party tools (e.g., Datadog, ServiceNow).
Collaborate with DevOps, SRE, and Security teams to enable observability and SIEM use cases.
Conduct performance tuning, capacity planning, and health checks of Splunk infrastructure.
Ensure CIM compliance and data model alignment for security and IT operations.
Mentor junior engineers and contribute to Splunk best practices and governance.
Required Skills & Qualifications
10+ years of hands-on experience with Splunk Enterprise and Splunk Cloud.
Strong expertise in ITSI, ES, UBA, and custom app development.
Proficiency in SPL, Python, Shell scripting, and Splunk SDKs.
Experience with cloud-native observability and security integrations.
Familiarity with DevOps tools (Git, Jenkins, Terraform, Ansible).
Excellent problem-solving, communication, and stakeholder management skills.
Preferred Certifications
Splunk Certified Architect
Splunk Certified ITSI Implementation
Splunk Certified Enterprise Security Admin
AWS/Azure/GCP Cloud Certifications
#J-18808-Ljbffr
Client is seeking a highly experienced Splunk SME to lead the design, implementation, and optimization of Splunk-based observability and security analytics solutions across enterprise environments. The ideal candidate will have deep expertise in Splunk Enterprise, ITSI, ES, and cloud integrations, and will play a key role in enabling full-stack visibility, proactive monitoring, and threat detection for mission-critical applications.
Key Responsibilities
Architect and manage large-scale Splunk deployments (Enterprise & Cloud).
Lead data onboarding from diverse sources including syslog, REST APIs, cloud services, and containers.
Design and implement ITSI services, KPIs, and service health dashboards.
Develop advanced SPL queries, dashboards, alerts, and correlation searches.
Integrate Splunk with cloud platforms (AWS, Azure, GCP) and third-party tools (e.g., Datadog, ServiceNow).
Collaborate with DevOps, SRE, and Security teams to enable observability and SIEM use cases.
Conduct performance tuning, capacity planning, and health checks of Splunk infrastructure.
Ensure CIM compliance and data model alignment for security and IT operations.
Mentor junior engineers and contribute to Splunk best practices and governance.
Required Skills & Qualifications
10+ years of hands-on experience with Splunk Enterprise and Splunk Cloud.
Strong expertise in ITSI, ES, UBA, and custom app development.
Proficiency in SPL, Python, Shell scripting, and Splunk SDKs.
Experience with cloud-native observability and security integrations.
Familiarity with DevOps tools (Git, Jenkins, Terraform, Ansible).
Excellent problem-solving, communication, and stakeholder management skills.
Preferred Certifications
Splunk Certified Architect
Splunk Certified ITSI Implementation
Splunk Certified Enterprise Security Admin
AWS/Azure/GCP Cloud Certifications
#J-18808-Ljbffr