Job description


  • 08 April 2026
  • Vacancy number: 9205305

As a Splunk Platform Engineer at our client, you own and optimize the hybrid Splunk landscape. You drive SIEM and observability excellence, ensuring security and IT teams rely on high-quality telemetry and actionable insights to make a real impact.

  • You architect and manage on-prem Splunk Enterprise environments, including Indexer and Search Head clusters.
  • You optimize data ingestion by implementing smart filtering, routing, and parsing via props and transforms.
  • You operate and tune Splunk Enterprise Security (ES) while maintaining detection coverage aligned to MITRE ATT&CK.
  • You integrate on-prem environments with Splunk Observability Cloud for seamless hybrid monitoring and APM.
  • You manage Splunk licensing and capacity planning to ensure platform resilience and cost-efficiency.

Job requirements

Your success in this role will come from...

  • You possess demonstrable experience with Splunk Enterprise architecture, including clustering and forwarder management.
  • You have in-depth knowledge of SPL performance tuning and Data Model Acceleration (DMA).
  • You have experience managing Splunk Enterprise Security and Risk-Based Alerting (RBA).
  • You are proficient in Linux system administration and scripting in Python, Bash, or PowerShell.
  • Strategic Vision: You oversee complex hybrid infrastructures and make decisions that support long-term goals.
  • Analytical Excellence: You dive deep into complex data streams to identify and resolve performance bottlenecks.
  • Results-Driven: You prioritize platform availability and reliability to empower your stakeholders.
  • Expert Communication: You act as a peer to SOC operations and IT management, translating technical needs into strategy.

Naturally, this vacancy is open to everyone who recognizes themselves in it.

contact

Gustavo Muller Adade
gustavo.muller.adade@randstaddigital.nl
+31 06-27275235