Splunk ES Consultant
Location: Remote
Compensation: To Be Discussed
Reviewed: Wed, Jun 24, 2026
This job expires in: 21 days
Job Summary
Working remotely on a contract basis, the Splunk ES Consultant will develop custom detection content, build and maintain Splunk Apps, and optimize data flow while collaborating with client security teams.
Key responsibilities
- Develop custom detection content including correlation searches, alerts, and dashboards to identify threat activity
- Onboard new data sources and ensure normalization to the Common Information Model (CIM)
- Support and optimize large distributed clustered Splunk environments while documenting processes and procedures
Required qualifications
- Several years of hands-on Splunk experience, particularly with ES implementation and content development
- Strong proficiency in SPL and regular expressions, along with scripting in Python, Perl, or Bash
- Solid understanding of CIM and experience with data onboarding at scale
- Experience supporting clustered Splunk environments in SOC or NOC settings
- Demonstrated ES delivery experience is preferred over certifications
COMPLETE JOB DESCRIPTION
The job description is available to subscribers. Subscribe today to get the full benefits of a premium membership with Virtual Vocations. We offer the largest remote database online...