This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Splunk Engineer based in India.
The role focuses on designing, implementing, and optimizing enterprise Splunk environments to support advanced security monitoring and operational visibility.
You will work across Splunk Enterprise and Splunk Enterprise Security (ES), building scalable logging solutions and improving threat detection capabilities.
The position involves collaborating with security teams, infrastructure engineers, and SOC analysts to strengthen monitoring and incident response processes.
You will contribute to developing dashboards, alerts, correlation searches, and automation workflows that enhance security operations.
This opportunity offers exposure to complex enterprise environments, cybersecurity technologies, and continuous platform improvements.
The ideal candidate will bring strong technical expertise, problem-solving abilities, and a passion for security engineering.
This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Splunk Engineer based in India.
The role focuses on designing, implementing, and optimizing enterprise Splunk environments to support advanced security monitoring and operational visibility.
You will work across Splunk Enterprise and Splunk Enterprise Security (ES), building scalable logging solutions and improving threat detection capabilities.
The position involves collaborating with security teams, infrastructure engineers, and SOC analysts to strengthen monitoring and incident response processes.
You will contribute to developing dashboards, alerts, correlation searches, and automation workflows that enhance security operations.
This opportunity offers exposure to complex enterprise environments, cybersecurity technologies, and continuous platform improvements.
The ideal candidate will bring strong technical expertise, problem-solving abilities, and a passion for security engineering.
Accountabilities:
- Design, deploy, configure, and administer Splunk Enterprise and Splunk Enterprise Security environments.
- Manage Splunk components including Indexers, Search Heads, Forwarders, Deployment Servers, and Cluster Managers.
- Develop and optimize dashboards, reports, alerts, visualizations, and SPL queries.
- Create and maintain correlation searches, detection rules, and security monitoring use cases.
- Integrate logs from various sources including Windows, Linux, cloud platforms, firewalls, databases, applications, and network devices.
- Configure data ingestion, parsing, indexing, retention policies, and storage optimization.
- Monitor Splunk infrastructure health, performance, scalability, and availability.
- Support threat detection, incident investigation, forensic analysis, and SOC initiatives.
- Integrate Splunk with SOAR platforms, threat intelligence solutions, and third-party security tools.
- Troubleshoot ingestion issues, performance challenges, and platform-related incidents.
- Perform upgrades, patching, backup management, disaster recovery activities, and capacity planning.
- Create technical documentation, operational procedures, and knowledge base resources.
- 4–8 years of experience in Splunk Administration, SIEM Engineering, Security Operations, or related cybersecurity roles.
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, Engineering, or a related field.
- Hands-on expertise with Splunk Enterprise, Splunk Enterprise Security (ES), and SPL.
- Strong understanding of SIEM architecture, log management, security monitoring, and incident response processes.
- Experience with correlation searches, dashboards, reporting, detection rules, and security use case development.
- Knowledge of Universal Forwarders, Heavy Forwarders, Indexers, Search Heads, Deployment Servers, and cluster management.
- Experience working with Windows Server, Linux administration, Syslog, REST APIs, PowerShell, Python, TCP/IP networking, and automation.
- Familiarity with cloud monitoring platforms, security tools, and integrations such as SOAR solutions, threat intelligence platforms, or endpoint security technologies is a plus.
- Preferred certifications include Splunk Core Certified Power User, Splunk Enterprise Certified Admin, Splunk Enterprise Certified Architect, Splunk Certified Cybersecurity Defense Analyst, Microsoft security certifications, CompTIA CySA+, CISSP, or GCIH.
- Strong troubleshooting, analytical thinking, documentation, communication, and collaboration skills.
- Ability to manage multiple priorities in a fast-paced environment while maintaining attention to detail.
- Demonstrated interest in cybersecurity, continuous learning, and emerging technologies.
- Competitive salary package aligned with experience and technical expertise.
- Opportunity to work on enterprise-scale cybersecurity and SIEM initiatives.
- Exposure to advanced security technologies and complex IT environments.
- Professional growth opportunities through challenging projects and continuous learning.
- Collaborative work environment with experienced security and technology professionals.
- Flexible working arrangements and employee-focused workplace practices.
- Healthcare benefits and additional employee support programs.
- Opportunities to develop expertise across cybersecurity, cloud, and security operations domains.
The Splunk Engineer will be responsible for managing and enhancing enterprise SIEM capabilities, ensuring reliable data collection, security monitoring, and platform performance. The role requires strong technical ownership of Splunk infrastructure, detection engineering, and security operations support.
Requirements:
The ideal candidate will have strong experience in Splunk administration, SIEM engineering, and cybersecurity operations, combined with excellent analytical and communication skills.