Senior Splunk Engineer

Summary:

The Senior Splunk Engineer will operate and improve the on-premise Splunk SIEM platform, focusing on transitioning operations and ensuring the stability of an enterprise-scale environment.

Main Responsibilities:

• Plan & Build: Perform log onboarding, parser creation, manage ingestion pipelines, and deploy Splunk components.

• Operations: Ensure full platform operation and lead incident management.

• Configuration & Release Management: Implement changes, maintain backups, manage patching and releases.

• Security, Hardening & Compliance: Conduct vulnerability scans and automate operational workflows.

• Transition: Validate configurations and ensure operational stability during transition.

Key Requirements:

• 9-12 years of experience in Splunk/SIEM within large enterprises.

• Expertise in Splunk architecture and CIM onboarding.

• Strong scripting skills in Terraform and Ansible.

• Two relevant Splunk certifications (e.g., Splunk Core Certified Admin).

Nice to Have:

• Experience with Syslog-ng and implementing secure access methods.

• Proficient in Bash/Python scripting.

Other Details:

Location: On-premise environment
Team Structure: Part of a larger Cyber Security team.