Splunk Site Reliability Engineer

Location: Birmingham (Hybrid/On‑site, required 3 days per week). Contract Type: Contract. Duration: 3 months rolling.

We are seeking an experienced Splunk SME/Migration Specialist to lead and support the migration of observability workloads from Splunk to Elasticsearch (ELK Stack). The ideal candidate will bring hands‑on expertise in Splunk architecture, data ingestion, alerting, and dashboarding, along with experience migrating workloads to Elasticsearch. In addition to migration duties, the candidate will maintain and enhance existing Splunk infrastructure, provide incident support, manage upgrades, and ensure observability platforms remain secure and performant.

• Develop and implement a comprehensive migration strategy from Splunk to Elasticsearch (ELK Stack).
• Assess existing Splunk configurations (dashboards, alerts, saved searches, data models) and recreate them in Kibana.
• Collaborate with Elastic teams to configure alerting and monitoring using Kibana, Elasticsearch Watcher, or third‑party tools.
• Ensure migration plans include validation, rollback procedures, and knowledge transfer.
• Maintain Splunk infrastructure in both Production and Non‑Production environments.
• Support Splunk SRE and Application teams in incident investigation and resolution.
• Proactively monitor system health and performance metrics.
• Plan and execute upgrades to Splunk components.
• Perform pre‑ and post‑upgrade checks and validations.
• Prepare documentation and submit Change Requests following organizational procedures.
• Work with Puppet and other automation tools to ensure timely patching of vulnerabilities.
• Implement and verify security best practices for observability platforms.
• Support compliance initiatives and audits.
• Maintain accurate and up‑to‑date technical documentation, including architecture diagrams, configurations, procedures, and troubleshooting guides.
• Review and update support articles and take ownership of relevant assets.
• Support knowledge transfer across teams as needed.
• Identify and resolve issues in Splunk and ELK environments.
• Assist teams with Splunk-related queries and optimization efforts.

• Proven expertise with Splunk architecture, data ingestion, dashboarding, alerting, and administration.
• Experience migrating Splunk workloads to Elasticsearch (ELK Stack).
• Solid understanding of Kibana, Elasticsearch Watcher, and observability tooling.
• Proficiency in Linux/Unix systems and networking protocols.
• Hands‑on experience with scripting (e.g., Python, Shell/Bash).
• Experience supporting or working alongside DevOps/SRE teams.
• Strong analytical, troubleshooting, and communication skills.
• Experience with containerized environments such as Docker or Kubernetes (desirable).
• Industry certifications such as Splunk Certified Power User/Admin/Architect (desirable).
• Knowledge of automation tools (e.g., Puppet, Ansible) (desirable).
• Bachelor's degree in Computer Science, Information Systems, or related field (desirable).

• Independent and proactive problem‑solver.
• Collaborative and able to work cross‑functionally with infrastructure, security, and application teams.
• Able to work under pressure and prioritize tasks effectively.
• Strong communicator, both written and verbal.