Splunk & Observability/SIEM Engineer

Aqueduct Technologies Inc., Canton, MA

About The Position

Aqueduct Technologies is a forward-thinking technology services firm committed to delivering best-in-class solutions that help our clients improve reliability, security, and operational performance. We are seeking a highly skilled Splunk & Observability/SIEM Engineer to join our growing team and help design, implement, and operate cutting-edge observability and SIEM platforms for enterprise customers.

As a Splunk & Observability/SIEM Engineer, you will be responsible for architecting, deploying, and managing Splunk environments and observability integrations that help our clients gain deep insights into their systems and security posture. You will work closely with cross-functional teams including Security, DevOps, Infrastructure, and Application owners to ensure comprehensive log collection, alerting, analytics, and reporting. Experience with other observability and SIEM platforms (e.g., Elastic Stack, QRadar, Microsoft Sentinel) is a strong plus.

Requirements

  • Bachelor’s degree in Computer Science, Information Security, IT, or a related field (or equivalent experience).
  • 3+ years of hands-on experience with Splunk administration, configuration, and optimization.
  • Strong experience designing search queries (SPL), dashboards, alerts, and data models.
  • Proficiency with *nix/Linux administration and networking fundamentals.
  • Familiarity with scripting languages such as Python, Bash, or PowerShell.
  • Proven ability to integrate and normalize data from diverse log sources and technologies.
  • Excellent problem-solving, communication, and collaboration skills.

Nice To Haves

  • Experience with other SIEM or observability platforms such as Elastic Stack (ELK), Microsoft Sentinel, QRadar, Datadog, New Relic, or similar.
  • Prior work with cloud environments and observability integrations across AWS, Azure, GCP.
  • Certifications such as Splunk Certified Power User, Administrator, or Architect, or relevant security certs (CISSP, GIAC, Security+).
  • Background in security monitoring, threat detection, or incident response functions.
  • Experience with CI/CD tooling, automation frameworks, and containerized environments.

Responsibilities

  • Design, deploy, and support Splunk Enterprise and/or Splunk Cloud infrastructure (indexers, search heads, forwarders, deployment servers).
  • Onboard, normalize, and manage diverse log sources across applications, infrastructure, cloud environments (AWS, Azure, GCP), and security solutions.
  • Develop, optimize, and maintain Splunk dashboards, queries (SPL), alerts, and reports tailored to operational and security use cases.
  • Collaborate with security operations and engineering teams to build and fine-tune detection use cases, threat hunting workflows, and incident response capabilities.
  • Monitor system performance, plan capacity, and ensure high availability and scalability of observability platforms.
  • Troubleshoot complex issues across the observability stack and provide technical guidance to internal teams and clients.
  • Create and maintain technical documentation, runbooks, and best practice standards for platform onboarding and usage.
  • Provide mentoring and training for other engineers and platform users on Splunk and observability tools.