Splunk Enterprise Security (ES) Consultant - remote
Location
Arlington, WI
Job Type
Full-time
Category
other-general
Posted
June 29, 2026
Remote – offsite
Responsibilities
+ Develop custom detection content: correlation searches, notable events, alerts, reports, and visualizations to surface threat activity
+ Build and maintain Splunk Apps and Technology Add-ons (TAs)
+ Onboard new data sources and normalize them to the Common Information Model (CIM)
+ Optimize data flow and ingestion using aggregation, filtering, and pipeline tuning
+ Configure notable event actions, action menus, and Adaptive Responses
+ Tune detections to cut noise and surface what matters, including risk-based alerting where applicable
+ Build dashboards that highlight anomalies, trends, and security and operational metrics
+ Support and optimize large distributed clustered Splunk environments (search heads, indexers, forwarders, deployment servers)
+ Partner with the client's security and SOC team...