As a Splunk Platform Engineer at our client, you own and optimize the hybrid Splunk landscape. You drive SIEM and observability excellence, ensuring security and IT teams rely on high-quality telemetry and actionable insights to make a real impact.
- You architect and manage on-prem Splunk Enterprise environments, including Indexer and Search Head clusters.
- You optimize data ingestion by implementing smart filtering, routing, and parsing via props and transforms.
- You operate and tune Splunk Enterprise Security (ES) while maintaining detection coverage aligned to MITRE ATT&CK.
- You integrate on-prem environments with Splunk Observability Cloud for seamless hybrid monitoring and APM.
- You manage Splunk licensing and capacity planning to ensure platform resilience and cost-efficiency.
Job requirements
Your success in this role will come from...
- You possess demonstrable experience with Splunk Enterprise architecture, including clustering and forwarder management.
- You have in-depth knowledge of SPL performance tuning and Data Model Acceleration (DMA).
- You have experience managing Splunk Enterprise Security and Risk-Based Alerting (RBA).
- You are proficient in Linux system administration and scripting in Python, Bash, or PowerShell.
- Strategic Vision: You oversee complex hybrid infrastructures and make decisions that support long-term goals.
- Analytical Excellence: You dive deep into complex data streams to identify and resolve performance bottlenecks.
- Results-Driven: You prioritize platform availability and reliability to empower your stakeholders.
- Expert Communication: You act as a peer to SOC operations and IT management, translating technical needs into strategy.
Naturally, this vacancy is open to anyone who recognizes themselves in it.
contact
Gustavo Muller Adade
gustavo.muller.adade@randstaddigital.nl
+31 06-27275235