IT Security C&T · 13 hours ago
Sr. Splunk Engineer-KSA
IT Security C&T is seeking a Senior Splunk Engineer responsible for the design, implementation, administration, and optimization of Splunk solutions within a large-scale enterprise environment. The role involves ensuring the Splunk platform delivers accurate insights for security operations and compliance monitoring.
Information Technology · Network Security · Risk Management
Responsibilities
Design and implement end-to-end Splunk solutions including data ingestion, parsing, indexing, and search optimization
Develop and maintain custom correlation rules, alerts, dashboards, and visualizations to support security monitoring and incident response
Onboard new log sources from infrastructure, security, application, and cloud systems using best practices (e.g., via UF, HF, syslog, APIs)
Perform regular health checks, indexer and search head performance tuning, license usage monitoring, and configuration backups
Support threat detection initiatives by translating security use cases into actionable Splunk queries and alerts
Assist in troubleshooting ingestion failures, parsing errors, and inefficient searches
Collaborate with SOC, threat intelligence, and infrastructure teams to ensure data relevance, completeness, and quality
Maintain Splunk Enterprise Security (ES) configurations, including CIM compliance, notables, and risk-based alerting (RBA)
Implement and manage data retention policies and storage utilization in line with compliance requirements
Automate tasks and processes using scripts (Python, Bash, PowerShell) and configuration management tools where needed
Provide technical guidance and mentoring to junior Splunk engineers and analysts
Company
IT Security C&T
IT Security C&T provides information security consulting services.
Funding
Current Stage
Early Stage
Company data provided by Crunchbase