Role: Data Engineer - Splunk
Location : North Quincy, MA
Full Time only
Job Description
Must Have Technical/Functional Skills
Responsibilities:
· Develop, configure, and maintain Splunk dashboards, reports, alerts, and correlation searches to support security monitoring and operational visibility.
· Build and optimize log ingestion pipelines, ensuring accurate parsing, enrichment, and normalization of log data across multiple sources.
· Create and maintain SOPs, runbooks, triage workflows, and incident remediation procedures for Splunk-based monitoring operations.
· Perform alert triage, event investigation, and root‑cause analysis, leveraging Splunk queries and correlation logic.
· Continuously tune searches, dashboards, and alerts to improve detection quality and reduce noise/false positives.
· Partner with Security Operations, IT, Network, and Application teams to expand log coverage and improve monitoring use cases.
· Monitor Splunk platform health, performance, indexing, storage, and data ingestion to ensure high availability and reliability.
Requirements:
· Hands‑on experience with the Splunk platform, including dashboard creation, search queries (SPL), reports, and correlation rule development.
· Proven expertise in log analysis, event correlation, and building end‑to‑end monitoring use cases.
· Experience in operationalizing Splunk through SOPs, triage processes, runbooks, and incident response workflows.
· Strong understanding of log formats (syslog, JSON, Windows events), ingestion methods, and data onboarding best practices.
· Ability to perform incident triage, investigation, and remediation using Splunk Search Processing Language (SPL).
· Knowledge of security monitoring concepts, SIEM architecture, detection logic, and alert tuning.
· Strong communication and documentation skills, with the ability to collaborate across SOC, IT, and Engineering teams.