Splunk Data Admin

Contract Type:

Location:

Melbourne - VIC 

Industry:

IT

Category:

Consultant

Contact Name:

Jonny Church

Contact Email:

Jonny.church@pra.com.au

Date Published:

12-Mar-2026

We’re looking for a mid to senior Splunk Data Administrator to take ownership of data onboarding, normalization and quality across a complex hybrid Splunk environment spanning on-prem and cloud platforms.

This role sits at the heart of the organisation’s observability and security analytics capability, ensuring log sources are onboarded correctly, parsed consistently and made usable for operational monitoring, dashboards, correlation searches and reporting.

What you’ll be doing
• Leading end-to-end onboarding of log sources including validation, parsing strategy, CIM alignment, testing and release
• Designing and implementing field extractions and parsing using props.conf, transforms.conf, regex and structured data formats
• Managing Splunk Add-ons (TAs), apps and deployment across forwarders, indexers and search heads
• Supporting hybrid Splunk architecture across on-prem and cloud environments
• Monitoring ingestion pipelines to ensure data quality, performance and reliability
• Working closely with security and IT teams to translate use cases into robust data ingestion and normalization strategies

What we’re looking for
• Strong hands-on experience administering Splunk in complex enterprise environments
• Experience onboarding and normalizing data sources aligned to the Splunk Common Information Model (CIM)
• Strong experience with field extraction, parsing and sourcetype configuration
• Experience working with indexer clusters, search head clusters and forwarder deployments
• Ability to write and validate SPL queries for data validation and troubleshooting
• Experience working with infrastructure, security or cloud log sources

Nice to have
• Experience with Splunk Enterprise Security
• Knowledge of HEC, API ingestion or modern data ingestion tooling
• Splunk certifications (Power User, Admin or ES)
This is a great opportunity to join a technically mature environment where Splunk plays a critical role in operational visibility and security analytics.

If you think you align with this role then get in touch for a full JD. Apply Today!
Jonny.Church@PRA.com.au
APPLY NOW
APPLY NOW
Apply With Button

Share this job

Interested in this job?
Save Job
Create As Alert

Similar Jobs

Read More
SCHEMA MARKUP ( This text will only show on the editor. )