Description

We are seeking a skilled Splunk ITSI (IT Service Intelligence) Engineer to support our IT operations and observability initiatives in Louisville, KY. The ideal candidate will have hands-on experience designing and implementing ITSI-based monitoring and analytics solutions to drive real-time insights across enterprise IT environments.

Key Responsibilities:

• Design, develop, and implement ITSI dashboards, glass tables, KPIs, and services to support end-to-end infrastructure and application monitoring.
• Integrate data sources from various systems (e.g., servers, applications, network, cloud platforms) into Splunk to enable meaningful correlation and alerting.
• Develop and optimize correlation searches, notable events, and alerting rules aligned with business service health and SLAs.
• Collaborate with IT, NOC, and application teams to identify key metrics and performance indicators for proactive monitoring.
• Maintain and improve ITSI service trees, ensuring accurate dependencies and service health scoring.
• Troubleshoot and resolve Splunk ingestion, performance, or search-related issues.
• Support upgrades, patching, and performance tuning of Splunk and ITSI components.
• Ensure data governance, access control, and best practices in dashboard/report creation.

Required Skills & Experience:

• 3+ years of experience with Splunk, including 1+ years with Splunk ITSI.
• Strong knowledge of IT operations, incident management, and observability practices.
• Experience with Splunk SPL, correlation searches, adaptive thresholds, and notable event frameworks.
• Familiarity with infrastructure monitoring tools and log aggregation practices.
• Proficient in integrating multiple log/data sources into Splunk.
• Strong problem-solving skills and the ability to work independently or in teams.

Preferred Qualifications:

• Splunk ITSI certification or Splunk Core Certified Power User/Admin.
• Experience in large enterprise or multi-tenant environments.
• Familiarity with Python, REST APIs, or automation tools like Ansible is a plus.
• Experience with cloud-hosted Splunk environments (AWS, GCP, Azure)