Delta System & Software, Inc.
Splunk Engineer (San Jose)
Delta System & Software, Inc., San Jose, California, United States, 95199
Role: SPLUNK engineering consultant (Monitoring Specialist)
Location: US Bay Area San Jose, CA
Contract
Focus Areas: Search performance, platform optimization, integrations, governance maturity

Role Overview
We are seeking an experienced Splunk engineer to help stabilize, optimize, and improve our Splunk environment. This role will support search performance, data reliability, usability, and governance practices to ensure Splunk aligns to our security, compliance, and analytics requirements. The ideal candidate combines deep Splunk platform expertise with hands-on engineering experience in search optimization, pipeline reliability, knowledge object hygiene, and security-focused data workflows.

Key Responsibilities

Search & Performance Optimization
- Improve speed and efficiency of searches across large datasets.
- Implement caching, tuning, and search-hygiene practices to reduce redundant or costly searches.
- Enhance workflows so analysts can pivot and reuse results without re-running full searches.

Data Integration & Reliability
- Strengthen stability and reliability of Splunk data pipelines for exports and integrations.
- Support real-time or near-real-time data flows where applicable.
- Improve resiliency of indexing, clustering, and correlation workloads.

Governance & Lifecycle Management
- Review and rationalize existing knowledge objects (saved searches, lookups, dashboards).
- Implement monitoring to track field drift, schema changes, or configuration defects that affect detections.
- Define lightweight governance and lifecycle controls for knowledge objects and detection artifacts.
- Support alignment with broader data governance policies, including access models, retention, and auditability.

Advanced Capabilities & Usability
- Enable notebook-style investigative analysis for collaboration and reproducibility.
- Assist data transformation and ML/AI-driven analytics enhancements where practical.
- Provide guidance on detection-as-code best practices and CI/CD integration for security detection workloads.

Required Skills & Experience
- Strong hands-on experience with Splunk Enterprise / Enterprise Security administration and engineering.
- Expert level capability in SPL tuning, indexing strategy, search optimization, and performance troubleshooting.
- Proven experience with data pipeline reliability and ingestion stabilization.
- Familiarity with Splunk governance principles (knowledge object hygiene, schema evolution, retention/access practices).
- Proficiency in Python or scripting for automation and advanced handling.

Preferred Skills
- Experience with security detection engineering or detection-as-code frameworks.
- Background in ML/AI features within Splunk or adjacent systems.
- Understanding of compliance frameworks and their implications on Splunk governance.

Education and Experience
- 9-12 years of relevant experience preferred or equivalent demonstrated expertise.

Candidate Profile
This role is best suited for someone who:
- Has operated Splunk at scale (large/log-dense enterprise environments)
- Enjoys diagnosing systemic performance issues and stabilizing environments
- Understands security operations use cases, detection design, and data quality impacts
- Can work independently, prioritize, and collaborate with analysts and engineering teams