What are the responsibilities and job description for the Secret Splunk Engineer position at Insight Global?
JOB DESCRIPTION
We are seeking a highly skilled Splunk to Elastic Migration Engineer to lead and execute end‑to‑end SIEM modernization initiatives. This role is responsible for designing and implementing Elastic deployments using the Elastic Cloud on Kubernetes (ECK) model, migrating legacy Splunk knowledge objects, detections, and data pipelines, and ensuring operational readiness through cutover validation and workflow integration. The ideal candidate has deep hands‑on experience with SIEM engineering, detection engineering, Elastic Stack architecture, and security operations workflows—particularly within enterprise or federal environments.
REQUIRED SKILLS AND EXPERIENCE
* 5 years' experience in SIEM engineering or security operations
* Hands‑on experience with Elastic Stack (Elasticsearch, Kibana, Elastic Security)
* Proven experience migrating from Splunk to Elastic or similar SIEM platforms
* Strong understanding of:
  * SIEM data models and schemas
  * Elastic Common Schema (ECS)
  * Detection engineering and alert tuning
* Experience with Kubernetes and the ECK deployment model
* Strong scripting or automation skills (Python, Bash, etc.)
NICE TO HAVE SKILLS AND EXPERIENCE
* Experience supporting DoD, federal, or highly regulated environments
* Familiarity with MITRE ATT&CK-based detection frameworks
* Experience integrating SIEM tools with SOAR platforms
* Elastic Certified Engineer or Analyst certifications
* Splunk administration or migration background
Salary: $190,000 - $205,000