Splunk Engineer-Hurricane Labs

A bit about Lyra…

Lyra Technology Group is a family of industry leading technology service businesses. Our companies are operated independently by exceptional management teams. Companies that join our group retain the employees, name, and culture that have made them successful. As a platform of Evergreen Services Group, we never divest from businesses we partner with and approach every decision with the goal of driving sustainable and healthy growth over the long term.

Splunk Engineer -Lyra Technology Group
 
Lyra Technology Group is seeking a Splunk Engineer for one of their operating companies, Hurricane Labs.   As Splunk Engineer, you will provide systems and architecture support for client Splunk environments including search heads, indexers, deployers, deployment servers, heavy/universal forwarders, and Splunk Enterprise Security. This is a hands-on engineering role focused on data onboarding, environment health, performance tuning, and implementing best practices across varied customer environments.  You will work closely with Senior Engineers, Project Managers, and our SOC team to ensure platforms are built, maintained, and optimized at scale.

About Hurricane Labs…

At Hurricane Labs, we exist to make security smarter, simpler, and more impactful for our customers, partners, and people. As a high-fidelity cybersecurity services company, we deliver outcomes that live in a customer's environment indefinitely through our Managed SOC, Managed Splunk, SOAR, Advisory Services, and professional services offerings. Our customers rely on our deep technical expertise, tailored delivery, and long-term partnership approach.
We are seeking dynamic, adaptable team members who thrive in a fast-evolving technical environment.

Your work as a Splunk Engineer will include several components:  

•    Data Onboarding - Responsible for data onboarding which may include application/add-on installation, custom parsing rules, and CIM compliance.
•    Architecture Changes & Deployments - Manage Splunk environment architecture changes, design, as well as deployments such as ground up environment builds of all server roles. Assist clients in cloud migration efforts.
•    Updates - Deliver major version updates and/or upgrades of Splunk apps and TAs as well as Splunk versions.
•    Maintenance Release Updates - Handle maintenance release updates across customer environments.
•    New Feature Deployment - Work closely with QA and Senior Engineers to deploy new features, apps, and capabilities.
•    Sprint / Project Development - Complete engineering work assigned by Project Managers within the designated sprint/project timelines. Communicate any blockers or delays to Technical Account Managers promptly so            adjustments can be made.
•    Data Onboarding Pipeline Development - Develop and manage onboarding pipelines for log ingestion, parsing, field extraction, indexing, and data quality validation.
•    Use Case Content Development - Create and optimize dashboards, alerts, saved searches, and correlation searches to support SOC, IT Operations, and Compliance cases.
•    Automation & Tooling - Build automation pipelines for onboarding, ongoing health checks, maintenance tasks, and system updates (e.g., Ansible, Git-based workflows).

Our ideal Splunk Engineer has the following qualifications:

•    Strong Splunk knowledge: search heads, indexers, clustering, props/transforms, data models, CIM, and ES (preferred).
•    Certified Splunk Architect
•    Strong Linux system administration + troubleshooting skills.
•    Experience with automation tools (Ansible preferred).
•    Familiarity with Git and version-controlled workflows.
•    Strong communication, documentation, and remote collaboration skills.
•    Experience working with MSSPs or multi-tenant environments is a plus.

The targeted salary for this role is $125,000 per year and will operate at a fully remote capacity. If you're passionate about delivering high-quality solutions and thrive in dynamic technical landscapes, we want to hear from you!