Splunk & Observability​/SIEM Engineer

Aqueduct Technologies is a forward-thinking technology services firm committed to delivering best-in-class solutions that help our clients improve reliability, security, and operational performance. We are seeking a highly skilled Splunk & Observability/SIEM Engineer to join our growing team and help design, implement, and operate cutting‑edge observability and SIEM platforms for enterprise customers.

As a Splunk & Observability/SIEM Engineer, you will be responsible for architecting, deploying, and managing Splunk environments and observability integrations that help our clients gain deep insights into their systems and security posture. You will work closely with cross-functional teams including Security, Dev Ops, Infrastructure, and Application owners to ensure comprehensive log collection, alerting, analytics, and reporting. Experience with other observability and SIEM platforms (e.g., Elastic Stack, QRadar, Microsoft Sentinel) is a strong plus.

• Design, deploy, and support Splunk Enterprise and/or Splunk Cloud infrastructure (indexers, search heads, forwarders, deployment servers).
• Onboard, normalize, and manage diverse log sources across applications, infrastructure, cloud environments (AWS, Azure, GCP), and security solutions.
• Develop, optimize, and maintain Splunk dashboards, queries (SPL), alerts, and reports tailored to operational and security use cases.
• Collaborate with security operations and engineering teams to build and fine‑tune detection use cases, threat hunting workflows, and incident response capabilities.
• Monitor system performance, capacity planning, and ensure high availability and scalability of observability platforms.
• Troubleshoot complex issues across the observability stack and provide technical guidance to internal teams and clients.
• Create and maintain technical documentation, runbooks, and best practice standards for platform onboarding and usage.
• Provide mentoring and training for other engineers and platform users on Splunk and observability tools.

• Bachelor’s degree in Computer Science, Information Security, IT, or a related field (or equivalent experience).
• 3+ years of hands‑on experience with Splunk administration, configuration, and optimization.
• Strong experience designing search queries (SPL), dashboards, alerts, and data models.
• Proficiency with
  * nix/Linux administration and networking fundamentals.
• Familiarity with scripting languages such as Python, Bash, or Power Shell.
• Proven ability to integrate and normalize data from diverse log sources and technologies.
• Excellent problem‑solving, communication, and collaboration skills.

• Experience with other SIEM or observability platforms such as Elastic Stack (ELK), Microsoft Sentinel, QRadar, Datadog, New Relic, or similar.
• Prior work with cloud environments and observability integrations across AWS, Azure, GCP.
• Certifications such as Splunk Certified Power User, Administrator, or Architect, or relevant security certs (CISSP, GIAC, Security+).
• Background in security monitoring, threat detection, or incident response functions.
• Experience with CI/CD tooling, automation frameworks, and containerized environments.

Aqueduct Technologies is committed to developing a diverse and talented team. We celebrate and support diversity and are committed to making an inclusive environment for all employees and applicants including women, minorities, individuals with disabilities, members of the LGBTQIA community, veterans, and any other legally protected group. We are an Equal Opportunity Employer and do not discriminate against any employee or applicant on the basis of any status protected by federal, state, or local laws.