MCPNew: now works with Claude & AI assistants
juara-it-solutions

juara-it-solutions

Splunk Engineer

Company

juara-it-solutions

Role

Splunk Engineer

Location

Chennai, Tamil Nadu, India (Remote)

Job type

Full-time

Found on Mokaru

🔥Recently

Share this job

Salary

Not disclosed by employer

Job description

Job Title: Splunk Engineer

Location: Chennai

Experience: 4–8 Years

Employment Type: Full-Time

Notice Period: Immediate Joiners or Up to 15 Days

About the Role

We are looking for a highly skilled Splunk Engineer to design, implement, administer, and optimize enterprise Splunk environments. The ideal candidate will have hands-on experience with Splunk Enterprise, Splunk Enterprise Security (ES), log management, SIEM, security monitoring, and automation. The role involves building scalable logging solutions, developing detection use cases, and supporting Security Operations Center (SOC) initiatives.

Key Responsibilities

  • Design, deploy, configure, and administer Splunk Enterprise and Splunk Enterprise Security (ES).
  • Install and maintain Splunk components, including Indexers, Search Heads, Forwarders, Deployment Servers, and Cluster Managers.
  • Develop and optimize Splunk dashboards, reports, alerts, and visualizations.
  • Create and maintain SPL (Search Processing Language) queries, correlation searches, and detection rules.
  • Integrate log sources from Windows, Linux, cloud platforms, firewalls, databases, applications, and network devices.
  • Configure and manage data ingestion, parsing, indexing, retention, and storage optimization.
  • Monitor the health, performance, and scalability of Splunk infrastructure.
  • Support security monitoring, threat detection, incident investigation, and forensic analysis.
  • Integrate Splunk with SOAR platforms, threat intelligence feeds, and third-party security tools.
  • Collaborate with SOC analysts, security engineers, and infrastructure teams to enhance detection capabilities.
  • Troubleshoot ingestion issues, performance bottlenecks, and platform-related problems.
  • Perform upgrades, patching, backup, disaster recovery, and capacity planning.
  • Create technical documentation, operational runbooks, and knowledge base articles.

Technical Skills

Mandatory Skills

  • Splunk Enterprise
  • Splunk Enterprise Security (ES)
  • Splunk Search Processing Language (SPL)
  • SIEM Administration
  • Log Management
  • Security Monitoring
  • Correlation Searches
  • Dashboards & Reporting
  • Universal Forwarders
  • Heavy Forwarders
  • Indexers & Search Heads
  • Deployment Server
  • Cluster Management
  • Windows Server Administration
  • Linux Administration
  • Syslog
  • REST APIs
  • PowerShell
  • Python
  • TCP/IP Networking

Good to Have

  • Splunk SOAR (Phantom)
  • Splunk ITSI
  • Splunk UBA (User Behavior Analytics)
  • Microsoft Sentinel
  • Microsoft Defender XDR
  • CrowdStrike Falcon
  • Palo Alto Networks
  • QRadar
  • ArcSight
  • Elastic Stack (ELK)
  • AWS CloudWatch
  • Azure Monitor
  • Kubernetes
  • Docker
  • ServiceNow Integration
  • MITRE ATT&CK Framework

Required Qualifications

  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, Engineering, or a related field.
  • 4–8 years of experience in Splunk Administration, SIEM Engineering, or Security Operations.
  • Strong hands-on experience with Splunk Enterprise and Splunk Enterprise Security (ES).
  • Experience onboarding diverse log sources and developing correlation rules.
  • Strong understanding of SIEM architecture, security monitoring, and incident response.
  • Knowledge of Windows, Linux, networking, cloud platforms, and cybersecurity fundamentals.
  • Experience with scripting (PowerShell or Python) for automation.
  • Excellent analytical, troubleshooting, and problem-solving skills.
  • Strong communication and documentation skills.

Preferred Certifications

  • Splunk Core Certified Power User
  • Splunk Enterprise Certified Admin
  • Splunk Enterprise Certified Architect
  • Splunk Certified Cybersecurity Defense Analyst
  • Microsoft Certified: Security Operations Analyst Associate (SC-200)
  • Microsoft Certified: Azure Security Engineer Associate (AZ-500)
  • CompTIA CySA+
  • Certified Information Systems Security Professional (CISSP) (Preferred)
  • GIAC Certified Incident Handler (GCIH) (Preferred)

Soft Skills

  • Strong analytical and troubleshooting capabilities.
  • Excellent communication and presentation skills.
  • Ability to work independently and collaboratively in a team environment.
  • Strong documentation and reporting skills.
  • Ability to manage multiple priorities in a fast-paced environment.
  • Passion for cybersecurity and continuous learning.
Resume ExampleCover Letter Example

Explore more