Job Type: Contract

Job Category: IT

Job Description

Job Title: Splunk/Cribl Data Engineer

Location: Quincy, MA – Onsite
6-12 Months Contract – Possible Extension

Job Description: We are seeking three (3) skilled Splunk/Cribl Data Engineers to support the onboarding and integration of security and infrastructure logs across multiple cloud environments. The engineers will be responsible for ingesting, transforming, and routing logs from cloud-native sources (AWS, Azure, OCI) and business applications into the Splunk SIEM platform using Cribl Stream and a variety of data collection agents.

This role is highly technical and requires deep expertise in Splunk administration, Cribl Stream development, and modern log pipeline management practices.

Key Responsibilities:

• Onboard and route security and infrastructure logs from AWS, Azure, OCI, and business applications to Splunk using Cribl Stream.
• Develop and maintain Cribl pipelines for parsing, enriching, and routing logs.
• Work with log agents including Splunk Universal Forwarder, Grafana Agent, OpenTelemetry, and Fluentbit/Fluentd.
• Ensure data quality, normalization, and transformation using RegEx, JavaScript, and Cribl functions.
• Collaborate with platform engineers, security teams, and application owners to ensure timely and accurate log onboarding.
• Maintain and improve Splunk platform performance, indexer health, and ingestion pipelines.
• Implement and maintain GitOps workflows for version-controlled pipeline deployment.

 

Required Skills:

• Strong experience with Splunk Data Onboarding and Splunk Administration.
• Proficiency with Cribl Stream for log transformation, routing, and optimization.
• Experience using data collection tools: Splunk UF, Grafana Agent, OpenTelemetry, Fluentbit, and Fluentd.
• Strong RegEx and JavaScript scripting skills for parsing and field extraction.
• Hands-on experience with GitOps, version control (Git), and CI/CD workflows for Cribl pipeline deployments.
• Deep understanding of log formats, data normalization, and SIEM integration best practices.
• Experience in multi-cloud environments (AWS, Azure, OCI) and cloud-native logging services.

 

Nice to Have:

• Splunk certifications (Power User, Admin, Architect).
• Experience with Cribl Edge or other log stream processing platforms.
• Familiarity with cloud-native security services (AWS CloudTrail, Azure Monitor, OCI Logging).

#SplunkEngineer, #CriblStream, #CriblDataEngineer, #SplunkJobs, #CriblJobs, #Observability, #SIEMEngineer, #DataEngineer, #SplunkAdmin, #CriblEdge, #SplunkArchitect, #LogAnalytics, #CyberSecurityJobs, #DevOpsEngineer, #ITDataEngineer, #DataPipelines, #LogMonitoring, #DataVisibility, #DataStreaming, #SecurityAnalytics, #SplunkCribl, #SplunkInfrastructure, #RemoteDataEngineer, #TechJobs, #CloudEngineering, #SplunkCriblJobs, #DataEngineering, #MonitoringSolutions, #CriblSolutions, #TelemetryData, #CriblPipeline, #SplunkCloud, #SplunkSIEM, #CriblExpert, #CriblDeployment, #SplunkIntegration

Required Skills