The Role
The Splunk Architect is a key member of the Splunk team, responsible for technical leadership in
Splunk delivery projects, acting as solution technical architect, key technical subject
matter expert, evangelist and liaison to project, business and executive stakeholders during all
stages of project/program delivery.
Key responsibilities:
o Architect, design, and implement scalable Splunk solutions to address complex IT operations challenges.
o Leverage AIOps capabilities to automate incident management, root cause analysis, and anomaly detection.
o Integrate Splunk with cloud platforms (AWS, Azure, GCP) and third-party monitoring solutions.
o Develop and optimize Splunk searches, dashboards, and alerts to provide actionable insights.
o Utilize Splunk Search Processing Language (SPL) to create advanced queries and automation workflows.
o Collaborate with cross-functional teams to understand business requirements and translate them into effective Splunk solutions.
o Stay updated on the latest Splunk features and best practices.
Essential skills/knowledge/experience:
o Splunk Enterprise Certified Architect/Admin.
o Proficiency in designing and implementing Splunk solutions in large-scale environments.
o Experience with data onboarding, field extraction, data models, and CIM (Common Information Model).
o Expertise in SPL (Search Processing Language) and developing custom dashboards, alerts, and reports.
o Strong knowledge of Splunk Enterprise, Splunk Cloud, and Splunk Enterprise Security (ES).
Desirable skills/knowledge/experience:
o Bachelor’s degree in Computer Science, Cybersecurity, or a related field. Master’s degree preferred.
o 8+ years of experience in information security, with a focus on the technical cyber security domain.
o Minimum of 5 years’ experience in a network / cloud security environment.
o CISSP, CCSP, OSCP, SANS or equivalent desirable.
o Certification in one or more cloud vendor offerings such as AWS, GCP, Azure, OCI.