Splunk Engineer

Zotec PartnersCarmel, IN, US

job_description.job_card.30_days_ago

serp_jobs.job_preview.job_type

serp_jobs.job_card.full_time

job_description.job_card.job_description

Job Description

At Zotec Partners, our People make it happen.

Transforming the healthcare industry isn't easy. But when you build a team like the one we have, that goal can become a reality. Our accomplishments can't happen without our extraordinary people – the men and women across the country who make up our diverse Zotec family and help make this company a best place to work.

Over 25 years ago, we started Zotec with a clear vision, to partner with physicians to simplify the business of healthcare. Today we are more than 900 employees strong and we continue to use our incredible talent and energy to bring that vision to life. We are a team of Innovators, Collaborators and Doers.

We're seeking a Splunk Security Engineer to join us.

This is a hands-on technical role where you'll serve as Zotec's Splunk Subject Matter Expert. You'll maintain our Splunk infrastructure (Enterprise, ES, ITSI, and Cloud) while enabling teams across the organization to leverage Splunk effectively.

What you'll do :

Platform Administration (Primary Focus)

Manage Splunk Enterprise clusters, deployment servers, and forwarders
Troubleshoot platform issues : performance, parsing failures, forwarder connectivity
Configure data inputs and optimize license usage
Plan and execute upgrades and maintain system health
Create and maintain props.conf, transforms.conf, and other configurations

Technical Leadership & Training

Serve as the company-wide Splunk SME and technical advisor

Train users across Security, IT Operations, and Application teams

Develop training materials and best practices documentation

Provide guidance on dashboard creation and search optimization

Build self-service capabilities for non-security teams

Security Operations Support

Implement detection rules created by Security Detection Engineers in Splunk ES

Build and optimize security dashboards for SOC use

Ensure data models maintain CIM compliance

Provide tier 3 Splunk support during incidents

Tune search performance while maintaining detection accuracy

Data Management

Onboard new data sources using forwarders, HEC, and technical add-ons

Develop parsing rules for custom log formats

Troubleshoot ingestion issues and data quality problems

Work with development teams on logging standards

What you'll bring to Zotec :

Must Have :

3+ years hands-on Splunk administration experience (not just user experience)

Proven expertise with distributed Splunk architectures

Strong SPL and regex skills for complex queries and parsing

Experience with Splunk ES or ITSI administration

Linux / Unix command line proficiency

Ability to explain technical concepts to diverse audiences

Preferred :

Splunk certifications (Admin, Architect, ES Admin)

Python or PowerShell scripting experience

Splunk Cloud experience

Experience training technical and non-technical users

Key Indicators of Fit :

You've managed indexer and search head clusters

You understand Splunk configuration file precedence

You can optimize searches that are impacting performance

You enjoy teaching others and sharing knowledge

You're comfortable with on-call rotation for critical issues

At Zotec, you will enjoy a network of highly experienced professionals in an environment where you can operate with autonomy yet have the resources and backing of other professionals in a similar role. Entrepreneurial and enterprising is the spirit of our team. If you are an original thinker and opportunity seeker, we'd like to talk to you!

Learn more about our organization, by visiting us at www.zotecpartners.com

E-Verify and Equal Opportunity Employer

0zy6uP0NHk

serp_jobs.job_alerts.create_a_job

Splunk Engineer • Carmel, IN, US