Splunk Engineer

Jobgether·Lever
IndiaFull-timePosted Jul 10, 2026
Apply

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Splunk Engineer based in India.

The role focuses on designing, implementing, and optimizing enterprise Splunk environments to support advanced security monitoring and operational visibility.
You will work across Splunk Enterprise and Splunk Enterprise Security (ES), building scalable logging solutions and improving threat detection capabilities.
The position involves collaborating with security teams, infrastructure engineers, and SOC analysts to strengthen monitoring and incident response processes.
You will contribute to developing dashboards, alerts, correlation searches, and automation workflows that enhance security operations.
This opportunity offers exposure to complex enterprise environments, cybersecurity technologies, and continuous platform improvements.
The ideal candidate will bring strong technical expertise, problem-solving abilities, and a passion for security engineering.

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Splunk Engineer based in India.

The role focuses on designing, implementing, and optimizing enterprise Splunk environments to support advanced security monitoring and operational visibility.
You will work across Splunk Enterprise and Splunk Enterprise Security (ES), building scalable logging solutions and improving threat detection capabilities.
The position involves collaborating with security teams, infrastructure engineers, and SOC analysts to strengthen monitoring and incident response processes.
You will contribute to developing dashboards, alerts, correlation searches, and automation workflows that enhance security operations.
This opportunity offers exposure to complex enterprise environments, cybersecurity technologies, and continuous platform improvements.
The ideal candidate will bring strong technical expertise, problem-solving abilities, and a passion for security engineering.

Accountabilities:

    The Splunk Engineer will be responsible for managing and enhancing enterprise SIEM capabilities, ensuring reliable data collection, security monitoring, and platform performance. The role requires strong technical ownership of Splunk infrastructure, detection engineering, and security operations support.

    • Design, deploy, configure, and administer Splunk Enterprise and Splunk Enterprise Security environments.
    • Manage Splunk components including Indexers, Search Heads, Forwarders, Deployment Servers, and Cluster Managers.
    • Develop and optimize dashboards, reports, alerts, visualizations, and SPL queries.
    • Create and maintain correlation searches, detection rules, and security monitoring use cases.
    • Integrate logs from various sources including Windows, Linux, cloud platforms, firewalls, databases, applications, and network devices.
    • Configure data ingestion, parsing, indexing, retention policies, and storage optimization.
    • Monitor Splunk infrastructure health, performance, scalability, and availability.
    • Support threat detection, incident investigation, forensic analysis, and SOC initiatives.
    • Integrate Splunk with SOAR platforms, threat intelligence solutions, and third-party security tools.
    • Troubleshoot ingestion issues, performance challenges, and platform-related incidents.
    • Perform upgrades, patching, backup management, disaster recovery activities, and capacity planning.
    • Create technical documentation, operational procedures, and knowledge base resources.
    • Requirements:

      The ideal candidate will have strong experience in Splunk administration, SIEM engineering, and cybersecurity operations, combined with excellent analytical and communication skills.

      • 4–8 years of experience in Splunk Administration, SIEM Engineering, Security Operations, or related cybersecurity roles.
      • Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, Engineering, or a related field.
      • Hands-on expertise with Splunk Enterprise, Splunk Enterprise Security (ES), and SPL.
      • Strong understanding of SIEM architecture, log management, security monitoring, and incident response processes.
      • Experience with correlation searches, dashboards, reporting, detection rules, and security use case development.
      • Knowledge of Universal Forwarders, Heavy Forwarders, Indexers, Search Heads, Deployment Servers, and cluster management.
      • Experience working with Windows Server, Linux administration, Syslog, REST APIs, PowerShell, Python, TCP/IP networking, and automation.
      • Familiarity with cloud monitoring platforms, security tools, and integrations such as SOAR solutions, threat intelligence platforms, or endpoint security technologies is a plus.
      • Preferred certifications include Splunk Core Certified Power User, Splunk Enterprise Certified Admin, Splunk Enterprise Certified Architect, Splunk Certified Cybersecurity Defense Analyst, Microsoft security certifications, CompTIA CySA+, CISSP, or GCIH.
      • Strong troubleshooting, analytical thinking, documentation, communication, and collaboration skills.
      • Ability to manage multiple priorities in a fast-paced environment while maintaining attention to detail.
      • Demonstrated interest in cybersecurity, continuous learning, and emerging technologies.
      • Benefits:

        • Competitive salary package aligned with experience and technical expertise.
        • Opportunity to work on enterprise-scale cybersecurity and SIEM initiatives.
        • Exposure to advanced security technologies and complex IT environments.
        • Professional growth opportunities through challenging projects and continuous learning.
        • Collaborative work environment with experienced security and technology professionals.
        • Flexible working arrangements and employee-focused workplace practices.
        • Healthcare benefits and additional employee support programs.
        • Opportunities to develop expertise across cybersecurity, cloud, and security operations domains.
How Jobgether works: We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team. We appreciate your interest and wish you the best!  Why Apply Through Jobgether?    Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.     #LI-CL1

Want jobs like this matched to you?

Swoopd scores fresh postings against your résumé so you only see the matches that matter.

Get started free