Senior Technical Lead Splunk
emagine Polska
⚲ New Delhi
Requirements
- Incident management
- Release management
- Microsoft Platform
- Security Information Event Management (SIEM)
- Operations
- Python
- Terraform
- Splunk
- Security
- Ansible
Job description
Summary: The Senior Splunk Engineer will operate and improve the on-premise Splunk SIEM platform, focusing on transitioning operations from Infosys and ensuring the stability of an enterprise-scale environment.

Responsibilities:
- Plan & Build: Perform log onboarding, parser creation, manage ingestion pipelines, and deploy Splunk components.
- Operations: Ensure full platform operation and lead incident management.
- Configuration & Release Management: Implement changes, maintain backups, manage patching and releases.
- Security, Hardening & Compliance: Conduct vulnerability scans and automate operational workflows.
- Transition: Validate configurations and ensure operational stability during transition.

Must Haves:
- 9-12 years of experience in Splunk/SIEM within large enterprises.
- Expertise in Splunk architecture and CIM onboarding.
- Strong scripting skills in Terraform and Ansible.
- Two relevant Splunk certifications (e.g., Splunk Core Certified Admin).

Nice to Haves:
- Experience with Syslog-ng and implementing secure access methods.
- Proficient in Bash/Python scripting.

Other Details:
- Location: On-premise environment
- Team Structure: Part of a larger Cyber Security team

Reason (Must Have):
- 9-12 years experience: Essential for handling complex SIEM operations and ensuring success in the role.
- Splunk architecture expertise: Necessary for maintaining and improving system performance.
- Scripting skills: Crucial for automating processes and managing configurations efficiently.
- Relevant certifications: Validates the candidate’s knowledge and skills in Splunk.

Reason (Nice to Have):
- Experience with secure access: Enhances compliance and security of operations.
- Proficiency in Bash/Python: Adds flexibility in automating various Splunk tasks, making workflows more efficient.