Skip to main content
Posted 12 June, 2026

Splunk Administrator / Splunk Engineer

ClifyX
Bengaluru,Karnataka,India Full Time
Reference: 365_594563_26-04010

Splunk Administrator / Splunk Engineer

1. Splunk Administration

  • Install, configure, and maintain Splunk Enterprise and Splunk Cloud environments.
  • Manage and support Splunk architecture components including Indexers, Search Heads, Forwarders, and Clusters.
  • Administer indexing, retention, and data lifecycle policies.
  • Optimize performance, scalability, and storage utilization across the Splunk platform.

2. Development & Visualization

  • Build and maintain dashboards, reports, and alerts using SPL (Search Processing Language).
  • Develop custom visualizations, data models, macros, and knowledge objects.
  • Design correlation searches for proactive monitoring, anomaly detection, and threat identification.
  • Enhance user experience through optimized searches and intuitive dashboards.

3. Data Onboarding & Management

  • Onboard data from diverse sources including application logs, system logs, metrics, APIs, JSON, and XML.
  • Configure and manage Universal Forwarders (UF) and Heavy Forwarders (HF).
  • Implement props.conf and transforms.conf for parsing, filtering, masking, and routing data.
  • Ensure data normalization, accurate field extractions, and CIM (Common Information Model) compliance.

4. Monitoring & Troubleshooting

  • Monitor Splunk infrastructure health, ingestion pipelines, and search performance.
  • Troubleshoot search latency, indexing delays, parsing issues, and field extraction errors.
  • Perform root cause analysis and implement longterm fixes.
  • Collaborate with IT, Security, DevOps, SRE, and Application teams to support business and security use cases.

5. Security & Compliance (RoleDependent)

  • Implement RBAC (RoleBased Access Control), index-level permissions, and data retention policies.
  • Support SIEM use cases, threat detection, and incident response workflows.
  • Integrate Splunk with enterprise security, observability, and monitoring tools.
  • Assist with audit readiness and compliance reporting.

Required Skills & Experience

  • Strong hands-on experience with Splunk Enterprise and/or Splunk Cloud.
  • Expertise in SPL, dashboards, alerts, and scheduled reports.
  • Experience with data onboarding, forwarder management, and parsing.
  • Solid understanding of Linux/Unix systems, networking fundamentals, logging frameworks, and regex.
  • Working knowledge of JSON, XML, and REST APIs.
  • Exposure to enterprise security or observability tools is highly desirable.

Preferred Qualifications

  • Splunk Certifications:
    • Splunk Power User
    • Splunk Admin / Cloud Admin
    • Splunk Enterprise Security (ES)
    • Splunk Observability Cloud
  • Experience with DevOps and automation tools: Git, CI/CD pipelines, Ansible.
  • Scripting skills in Python, Shell, or PowerShell.

Soft Skills

  • Strong analytical and problem-solving abilities.
  • Proven ability to collaborate across crossfunctional teams.
  • Excellent communication, documentation, and stakeholder management skill
Apply to this Job

Sign up for Job Alerts

By clicking Create Alert, you agree to the Global Terms of Use Agreement and acknowledge that you have read and understand the Global Privacy Policy.