Splunk Engineer-Hurricane Labs

Splunk Engineer - Lyra Technology Group

Lyra Technology Group is a family of industry leading technology service businesses. Our companies are operated independently by exceptional management teams. Companies that join our group retain the employees, name, and culture that have made them successful. As a platform of Evergreen Services Group, we never divest from businesses we partner with and approach every decision with the goal of driving sustainable and healthy growth over the long term.

Lyra Technology Group is seeking a Splunk Engineer for one of its operating companies, Hurricane Labs. As a Splunk Engineer, you will provide systems and architecture support for client Splunk environments including search heads, indexers, deployers, deployment servers, heavy/universal forwarders, and Splunk Enterprise Security. This is a hands‑on engineering role focused on data onboarding, environment health, performance tuning and implementing best practices across varied customer environments.

You will work closely with Senior Engineers, Project Managers and our SOC team to ensure platforms are built, maintained, and optimised at scale.

At Hurricane Labs, we exist to make security smarter, simpler, and more impactful for our customers, partners, and people. As a high‑fidelity cybersecurity services company, we deliver outcomes that live in a customer's environment indefinitely through our Managed SOC, Managed Splunk, SOAR, Advisory Services and professional services offerings. Our customers rely on our deep technical expertise, tailored delivery and long‑term partnership approach.

We are seeking dynamic, adaptable team members who thrive in a fast‑evolving technical environment.

• Data Onboarding – Responsible for data onboarding which may include application/add‑on installation, custom parsing rules and CIM compliance.
• Architecture Changes & Deployments – Manage Splunk environment architecture changes, design, and deployments such as ground‑up environment builds of all server roles. Assist clients in cloud migration efforts.
• Updates – Deliver major version updates and/or upgrades of Splunk apps and TAs as well as Splunk versions.
• Maintenance Release Updates – Handle maintenance release updates across customer environments.
• New Feature Deployment – Work closely with QA and Senior Engineers to deploy new features, apps, and capabilities.
• Sprint / Project Development – Complete engineering work assigned by Project Managers within the designated sprint/project timelines. Communicate any blockers or delays to Technical Account Managers promptly so adjustments can be made.
• Data Onboarding Pipeline Development – Develop and manage onboarding pipelines for log ingestion, parsing, field extraction, indexing and data quality validation.
• Use Case Content Development – Create and optimise dashboards, alerts, saved searches and correlation searches to support SOC, IT Operations and compliance cases.
• Automation & Tooling – Build automation pipelines for onboarding, ongoing health checks, maintenance tasks and system updates (e.g. Ansible, Git‑based workflows).

• Strong Splunk knowledge: search heads, indexers, clustering, props/transforms, data models, CIM and ES (preferred).
• Certified Splunk Architect.
• Strong Linux system administration and troubleshooting skills.
• Experience with automation tools (Ansible preferred).
• Familiarity with Git and version‑controlled workflows.
• Strong communication, documentation and remote collaboration skills.
• Experience working with MSSPs or multi‑tenant environments is a plus.

The targeted salary for this role is $125,000 per year and will operate at a fully remote capacity. If you are passionate about delivering high‑quality solutions and thrive in dynamic technical landscapes, we want to hear from you!