Splunk Engineer

Job Purpose
The Splunk Engineer is responsible for the design, implementation, and maintenance of the Splunk environment. This role involves optimizing Splunk's performance, ensuring data integrity, and developing solutions to meet the organization's data analysis and security needs. The Splunk Engineer will work closely with cross-functional teams to collect, analyze, and visualize machine data, providing valuable insights for operational efficiency, security monitoring, and business intelligence.
Role and Responsibilities
• Design, deploy, and maintain the Splunk infrastructure, including indexers, search heads, forwarders, and other components.
• Develop and implement Splunk configurations, dashboards, reports, and alerts to meet business requirements.
• Onboard new data sources into Splunk, ensuring proper data ingestion, parsing, and indexing.
• Optimize Splunk performance and troubleshoot issues related to data flow, search performance, and system stability.
• Develop and maintain Splunk applications, scripts, and automation to enhance functionality and streamline processes.
• Monitor Splunk system health, performance, and capacity, and implement necessary upgrades or expansions.
• Collaborate with security teams to utilize Splunk for security information and event management (SIEM), threat detection, and incident response.
• Work with cross-functional teams, including IT, operations, and development, to gather requirements and provide Splunk solutions.
• Create and maintain documentation related to Splunk architecture, configurations, and procedures.
• Provide training and support to Splunk users, promoting best practices and efficient utilization of the platform.
• Stay up-to-date with the latest Splunk features, updates, and best practices.
Qualifications and Education Requirement
Bachelor's degree in Computer Science, Information Technology, or a related field.
3-5 years of experience as a Splunk Engineer or Administrator, with a strong understanding of Splunk architecture and components.
Experience with Splunk Enterprise and/or Splunk Cloud.
Experience with various operating systems, including Linux and Windows Server.
Education
Computer Science, Information Technology, or a related field.
Skills
*Splunk certifications (e.g., Splunk Core Certified User, Splunk Enterprise Certified Administrator, Splunk Certified Architect).
*Proficiency in Splunk Search Processing Language (SPL) for creating complex searches, reports, and dashboards.
*Experience with scripting languages such as Python, Bash, or PowerShell for automating Splunk tasks.
*Knowledge of data ingestion methods, including forwarders, HTTP Event Collector (HEC), and APIs.
*Familiarity with regular expressions.
*Understanding of IT infrastructure, including networking, servers, storage, and security principles.
*Experience with database technologies.
*Experience with Splunk Enterprise Security (ES) or IT Service Intelligence (ITSI).
*Strong analytical and problem-solving skills, with the ability to troubleshoot complex technical issues.
*Excellent communication and collaboration skills, with the ability to work effectively with cross-functional teams.
*Ability to work independently and manage multiple tasks in a fast-paced environment.
*Knowledge of security best practices and compliance requirements (e.g., GDPR, HIPAA, PCI DSS).

Disclaimer: Naukrigulf.com is only a platform to bring jobseekers & employers together. Applicants are advised to research the bonafides of the prospective employer independently. We do NOT endorse any requests for money payments and strictly advice against sharing personal or bank related information. We also recommend you visit Security Advice for more information. If you suspect any fraud or malpractice, email us at abuse@naukrigulf.com