Senior Technical Lead Splunk

Architecture

Centrum, New Delhi

emagine Polska

Full-time
Any
Senior
Remote

Job description

Summary:

The Senior Splunk Engineer will operate and improve the on-premise Splunk SIEM platform, focusing on transitioning operations from Infosys and ensuring the stability of an enterprise-scale environment.

Responsibilities:

  • Plan & Build: Perform log onboarding, parser creation, manage ingestion pipelines, and deploy Splunk components.

  • Operations: Ensure full platform operation and lead incident management.

  • Configuration & Release Management: Implement changes, maintain backups, manage patching and releases.

  • Security, Hardening & Compliance: Conduct vulnerability scans and automate operational workflows.

  • Transition: Validate configurations and ensure operational stability during transition.

Must Haves:

  • 9-12 years of experience in Splunk/SIEM within large enterprises.

  • Expertise in Splunk architecture and CIM onboarding.

  • Strong scripting skills in Terraform and Ansible.

  • Two relevant Splunk certifications (e.g., Splunk Core Certified Admin).

Nice to Haves:

  • Experience with Syslog-ng and implementing secure access methods.

  • Proficient in Bash/Python scripting.

Other Details:

  • Location: On-premise environment

  • Team Structure: Part of a larger Cyber Security team

Reason (Must Have):

  • 9-12 years of experience: Essential for handling complex SIEM operations and ensuring success in the role.

  • Splunk architecture expertise: Necessary for maintaining and improving system performance.

  • Scripting skills: Crucial for automating processes and managing configurations efficiently.

  • Relevant certifications: Validate the candidate’s knowledge and skills in Splunk.

Reason (Nice to Have):

  • Experience with secure access: Enhances compliance and security of operations.

  • Proficiency in Bash/Python: Adds flexibility in automating various Splunk tasks, making workflows more efficient.

Tech stack

  • English: B1

  • Incident management: advanced

  • Release management: advanced

  • Microsoft Platform: advanced

  • Security Information Event Management (SIEM): advanced

  • Operations: advanced

  • Python: advanced

  • Terraform: advanced

  • Splunk: advanced

  • Security: advanced

  • Ansible: advanced
