Ativa os alertas de emprego por e-mail!
Senior Splunk Engineer
emagine
Cambé
Presencial
BRL 420.000 - 527.000
Tempo integral
Cria um currículo personalizado em poucos minutos
Consegue uma entrevista e ganha mais. Sabe mais
Resumo da oferta
A leading technology consulting firm in Brazil is seeking an experienced Senior Splunk Engineer to operate its on-premise Splunk SIEM platform. The successful candidate will perform log onboarding, manage ingestion pipelines, and ensure platform stability. This position requires 5-10 years of experience in Splunk/SIEM, strong scripting skills, and relevant certifications. A proactive work style and fluent English are essential. The role involves 24/7 operational responsibilities and configuration management, as well as security compliance duties.
Qualificações
- 5-10 years of Splunk/SIEM experience in large enterprises.
- Expertise in Splunk architecture and CIM onboarding.
- Strong scripting skills in Terraform, Ansible, Bash, and Python.
Responsabilidades
- Perform CIM-compliant log onboarding and parser creation.
- Ensure full Splunk platform operation and handle incidents.
- Implement approved changes and maintain automation libraries.
Conhecimentos
We are seeking an experienced Senior Splunk Engineer to take over and operate the on-premise Splunk SIEM platform.
As part of the transition from Infosys, you will be responsible for stabilizing and continuously improving an existing enterprise-scale SIEM environment.
- Perform CIM-compliant log onboarding, parser creation, and documentation.
- Conduct onboarding due diligence and demand analysis.
- Create firewall, VPN, and routing change requests and validate changes.
- Manage ingestion pipelines via Cribl, Syslog-ng (TLS), Splunk UF/HF, and SCP.
- Deploy and scale Splunk components using Terraform and Ansible.
- Build trend and capacity analyses.
- Ensure full Splunk platform operation, monitoring, performance, EPS / log flow.
- Handle incidents, service requests, changes, and problems under MBG ITSM.
- Lead major incident management (P1/P2) with 24/7 on‑call rotation.
- Build and operate health‑check dashboards and QA reports.
- Implement approved changes across Splunk components.
- Perform daily configuration backups (KV stores, apps, and configs).
- Maintain automation libraries (Terraform, Ansible, and scripts).
- Manage Splunk patching and releases (maintain N-1 level).
- Support up to 12 minor and one major release per year.
- System hardening and vulnerability remediation.
- Operate via secure access methods (Jump hosts, SuSSHi, 2FA).
- Conduct vulnerability scans and support SOC threat analysis.
- Automate SOP-based operational workflows.
- Take over existing MBG Splunk operations.
- Validate and enhance current configurations, parsers, and deployments.
- Ensure stability during transition and hyper‑care.
5–10 years Splunk / SIEM experience in large enterprises.
Expertise in Splunk architecture, CIM onboarding, parser development, Syslog-ng, and certificates.
Strong scripting : Terraform, Ansible, Bash, and Python.
Experience stabilizing existing SIEM environments.
Minimum two of:
- Splunk Core Certified User
- Splunk Core Certified Power User
- Splunk Enterprise Admin
- Splunk Enterprise Architect
Optional : Splunk ES
Strong communication in enterprise environments.
Clear documentation skills.
Proactive, quality‑driven work style.
Fluent English (German beneficial).
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
