Senior Splunk Enterprise Security Engineer (W2)

Hello
I hope you are doing well

Im Shikha Dixit a Lead Recruiter at Siri Info Solutions. I have an Urgent position as a Senior Splunk Enterprise Security Engineer with our client Irving TX (5-day onsite). Your profile seems to be a great match for the job description. Please let me know if you are available in the job market so that we can proceed with submitting your resume to the client.

Role: Senior Splunk Enterprise Security Engineer (W2)

Duration: 12-month contract

Location: Irving TX (5-day onsite)

Job Description:

About the Role:

We are seeking a Senior Splunk Enterprise Security Engineer to join our Security Engineering & Architecture team in Irving this high-impact individual contributor role you will own the deployment optimization and day-to-day administration of our Splunk Enterprise Security (ES) platform across a cloud-based environment supporting one of the largest retail operations in the country. You will be the go-to subject matter expert for Splunk ES partnering with SOC analysts threat intelligence teams compliance stakeholders and IT leadership to ensure our security monitoring platform delivers maximum visibility reliability and value. This is a hands-on technically deep role for someone who thrives in complex high-volume environments and takes pride in building resilient security infrastructure.

Key Responsibilities

• Lead the end-to-end administration of Splunk Enterprise Security across a cloud-hosted (AWS/Azure/GCP) deployment including architecture decisions capacity planning performance tuning and version upgrades.
• Design implement and maintain ES frameworks including notable event configurations risk-based alerting asset and identity correlation and threat intelligence integrations.
• Develop and optimize correlation searches dashboards and investigation workflows to reduce alert fatigue and accelerate analyst response times.
• Drive data source onboarding and ensure CIM (Common Information Model) compliance for new and existing log sources across the enterprise.
• Partner with compliance teams to ensure Splunk ES configurations directly support PCI DSS SOX and NIST CSF audit and reporting requirements.
• Establish and maintain health monitoring for the Splunk environment including search performance indexing throughput forwarder connectivity and license utilization.
• Create and maintain operational documentation runbooks and knowledge base articles for Splunk ES administration and troubleshooting.
• Serve as the escalation point for complex Splunk issues and participate in incident response efforts during critical security events as needed.
• Evaluate and recommend new Splunk apps add-ons and integrations that strengthen the organizations security posture.
• Collaborate with Security Architecture peers to align Splunk ES capabilities with the broader security tooling ecosystem and long-term technology roadmap.

Required Experience

• 5 years of hands-on experience with Splunk platform administration with significant depth in Splunk Enterprise Security.
• Active Splunk certifications required: Splunk Enterprise Certified Admin and/or Splunk ES Certified Admin.
• Proven experience managing Splunk deployments in cloud environments (AWS Azure or GCP).
• Deep understanding of security monitoring log management SIEM operations and event correlation at enterprise scale.
• Working knowledge of PCI DSS SOX and NIST CSF compliance frameworks and how they translate into SIEM use cases and reporting requirements.
• Strong SPL (Search Processing Language) proficiency including complex statistical commands lookups macros and data models.
• Experience with Splunk infrastructure components: indexers search heads heavy/universal forwarders deployment servers and cluster management.
• Excellent communication skills with the ability to translate complex technical concepts for non-technical stakeholders.

Preferred Qualifications

• Experience in large-scale retail or similarly complex high-transaction-volume environments.
• Familiarity with Splunk SOAR (formerly Phantom) and security automation/orchestration workflows.
• Background in detection engineering threat hunting or SOC operations.
• Additional certifications such as CISSP GIAC (GCIA GCIH) or cloud security credentials (AWS Security Specialty AZ-500).
• Experience with Infrastructure as Code (Terraform Ansible) for Splunk deployment management.
• Scripting proficiency in Python Bash or PowerShell for automation and custom integrations.

Best Regards

Shikha Dixit Email: or LinkedIn:

Lead Recruiter

Siri InfoSolutions Inc 3 Ethel Rd Suite # 302 Edison NJ 08817.