Senior Splunk Engineer

Role: Senior Splunk EngineerLocation: Onsite (Bensalem, PA)Duration: 2.5+ Months ContractPosition Description:Engineer and deploy a multi-site, highly available Splunk Enterprise platform with clustered architecture, ensuring scalability, resilience, and performance across distributed environments.Configure core components including Cluster Manager, License Master, Deployer, Deployment Server, Monitoring Console, indexer clusters, and search head clusters.Deploy Universal and Heavy Forwarders, create deployment apps, server classes, and automate rollout processes for efficient data ingestion.Onboard and validate multiple data sources such as Windows, firewall, and cloud logs while ensuring proper Common Information Model (CIM) alignment.Configure authentication (LDAP/SAML), custom indexes, SMTP relay, and load balancing to meet enterprise security and operational requirements.Implement and operationalize Splunk Enterprise Security (ES), including dashboards, correlation searches, and notable event management.Tune ES data models, correlation rules, thresholds, and platform performance for optimal detection and efficiency.Validate ingest pipelines, cluster health, search performance, and compliance standards.Develop documentation, architecture diagrams, and runbooks while providing knowledge transfer to engineering teams.