Summary:
The Senior Splunk Engineer will operate and improve the on-premise Splunk SIEM platform, focusing on transitioning operations from Infosys and ensuring the stability of an enterprise-scale environment.
Responsibilities:
- Plan & Build: Perform log onboarding and parser creation, manage ingestion pipelines, and deploy Splunk components.
- Operations: Ensure full platform operation and lead incident management.
- Configuration & Release Management: Implement changes, maintain backups, manage patching and releases.
- Security, Hardening & Compliance: Conduct vulnerability scans and automate operational workflows.
- Transition: Validate configurations and ensure operational stability during transition.
Must Haves:
- 9-12 years of experience in Splunk/SIEM within large enterprises.
- Expertise in Splunk architecture and CIM onboarding.
- Strong scripting skills in Terraform and Ansible.
- Two relevant Splunk certifications (e.g., Splunk Core Certified Admin).
Nice to Haves:
- Experience with Syslog-ng and implementing secure access methods.
- Proficient in Bash/Python scripting.
Other Details:
- Location: On-premise environment
- Team Structure: Part of a larger Cyber Security team
Reason (Must Have):
- 9-12 years of experience: Essential for handling complex SIEM operations and ensuring success in the role.
- Splunk architecture expertise: Necessary for maintaining and improving system performance.
- Scripting skills: Crucial for automating processes and managing configurations efficiently.
- Relevant certifications: Validate the candidate's knowledge and skills in Splunk.
Reason (Nice to Have):
- Experience with secure access: Enhances compliance and security of operations.
- Proficiency in Bash/Python: Adds flexibility in automating various Splunk tasks, making workflows more efficient.