Experience: 4 - 8 Years
Job Location:
Education: Master of Technology/Engineering (Computers), Master of Science (Computers)
Nationality: Any Nationality
Gender: Any
Vacancy: 1 Vacancy
Job Description
Roles & Responsibilities
1️⃣ Deployment & Architecture
Deploy Splunk Enterprise / Distributed Architecture
Configure Indexers, Search Heads, Forwarders
Implement clustering (Indexer / SH Cluster)
2️⃣ Log Source Onboarding
Configure Universal Forwarders & Heavy Forwarders
Create data inputs (syslog, API, cloud integrations)
Index creation and retention policy configuration
Field extraction, sourcetype validation, and parsing
3️⃣ Detection & Use Case Engineering
Develop SPL-based detection queries
Create correlation searches in ES (Enterprise Security)
Implement Risk-Based Alerting (RBA)
Fine-tune alerts to reduce false positives
Conduct use case gap analysis
4️⃣ Log Validation & Troubleshooting
Validate ingestion pipeline (Forwarder → Indexer → Search Head)
Troubleshoot parsing, indexing, and timestamp issues
Monitor ingestion delays and indexing queues
Optimize search performance
5️⃣ Platform Maintenance
Monitor license utilization (Daily indexing volume)
Perform Splunk upgrades and app updates
Backup configurations and validate restore
Performance tuning and resource optimization
6️⃣ MSS & SOC Support
Dashboard creation and SOC visibility enhancements
Alert lifecycle improvements
Support threat hunting queries
Continuous detection improvement aligned with MITRE ATT&CK
Desired Candidate Profile
- Bachelor's degree in Computer Science, Information Security, or a related field; Master's preferred.
- 5+ years of hands-on experience engineering and administering Splunk in a Security Information and Event Management (SIEM) context.
- Proven expertise in Splunk Enterprise Security (ES), including Common Information Model (CIM) compliance and app development.
- Deep understanding of cybersecurity principles, threat landscapes, and incident response methodologies.
Employment Type
- Full Time
Company Industry
- IT - Software Services
Department / Functional Area
- Engineering
Keywords
- Log Management
- Principal Splunk Engineer
- Senior SIEM Engineer
- Splunk Architect
- Security Information And Event Management
- Senior Splunk Administrator
- Splunk Threat Intelligence Engineer
- Senior Splunk Security Analyst
Disclaimer: Naukrigulf.com is only a platform to bring jobseekers and employers together. Applicants are advised to research the bona fides of the prospective employer independently. We do NOT endorse any requests for money payments and strictly advise against sharing personal or bank-related information. We also recommend you visit Security Advice for more information. If you suspect any fraud or malpractice, email us at abuse@naukrigulf.com
CYBER GATE DEFENSE L.L.C.
CyberGate Defense (An IHC Company) is an Emirati establishment founded to provide cybersecurity services that improve the overarching security posture of governments and organizations. CyberGate possesses the in-house depth and breadth of information and cyber security expertise required to respond to the most complex security challenges related to both information and operations. CyberGate currently operates in both the public and private sectors, providing the highest quality of cybersecurity services. Our next-generation Managed Security Services, coupled with our highest-standard GRC practice capabilities, support organizations with end-to-end solutions that improve cybersecurity maturity levels and protect critical infrastructure industries for nations and enterprises alike.
Mr. Ashok Ashok - HR
Al Bustan Towers, Office No-103, Al Rabdan, Abu Dhabi, 43123, United Arab Emirates (UAE)