Splunk ES Consultant
Location: Remote
Compensation: To Be Discussed
Reviewed: Thu, Jun 25, 2026
This job expires in: 22 days
Job Summary
Working remotely on a contract basis, the Splunk ES Consultant will develop custom detection content, build and maintain Splunk Apps, and optimize data flow while collaborating with client security teams.
Key responsibilities
- Develop custom detection content including correlation searches, alerts, and reports to identify threat activity
- Onboard new data sources and ensure normalization to the Common Information Model (CIM)
- Support and optimize large distributed clustered Splunk environments while documenting processes and key engineering decisions
Required qualifications
- Several years of hands-on Splunk experience with ES implementation and content development
- Strong proficiency in SPL and regular expressions, along with scripting in Python, Perl, or Bash
- Solid understanding of CIM and experience with data onboarding and normalization at scale
- Experience supporting clustered Splunk environments in SOC or NOC settings
- Proficiency in Linux, including managing Splunk config files and apps
COMPLETE JOB DESCRIPTION
The job description is available to subscribers. Subscribe today to get the full benefits of a premium membership with Virtual Vocations. We offer the largest remote database online...