108 Splunk Administration Jobs

Key Responsibilities: Splunk ITSI Implementation: Develop and configure IT Service Intelligence (ITSI) modules, including KPI creation, service trees, and notable event aggregation. SIEM Development: Design, implement, and optimize Splunk SIEM solutions for threat detection, security monitoring, and log analysis. Dashboard & Visualization: Create advanced dashboards, reports, and visualizations using Splunk SPL (Search Processing Language). Data Ingestion & Parsing: Develop data onboarding, parsing, and field extractions from various log sources, including cloud and on-prem infrastructure. Mandatory Key SkillsSplunk ITSI Implementation,SIEM Development,data onboarding,Visualization,Splunk*

Shift: 7 pm IST to 4 am IST Responsibilities Architect, engineer, implement, and administer Splunk solutions in highly available, redundant, distributed computing environments. Lead design and deployment of new Splunk environments, including clustered, multi-site, and large-scale configurations. Perform Splunk forwarder deployment, configuration, and troubleshooting across diverse platforms. Integrate, curate, and normalize diverse log sources into Splunk, ensuring CIM compliance and high data fidelity. Configure and maintain Splunk dashboards, searches, and alerts to meet PCI DSS logging requirements, and deliver evidentiary reports to auditors to support compliance verification Develop advanced content for SIEM correlation, including custom correlation searches, dashboards, and alerts. Administer, maintain, and tune Splunk components (Indexers, Search Heads, Forwarders, Cluster Masters, Deployer, Deployment Server, and License Master). Proactively monitor platform health using internal logs, KPIs, and custom monitoring solutions to identify and address performance bottlenecks. Lead capacity planning, storage forecasting, and continuity of operations for large Splunk deployments. Optimize Splunk performance through configuration tuning, search optimization, and data model acceleration strategies. Troubleshoot complex ingestion, performance, and search-related issues, identifying root causes and implementing sustainable fixes or workarounds. Reproduce customer or internal issues, document findings, and work with Splunk Support or vendor engineers for resolution. Create, maintain, and enforce Splunk engineering documentation, including SOPs, design diagrams, architecture runbooks, and KB articles. Develop custom scripts and automation tools (e.g., Python, Bash, PowerShell) to improve Splunk administration, onboarding, and operational workflows. Utilize Splunk APIs for integration with enterprise tools and automation frameworks. Serve as a technical escalation point for Splunk Engineer I/II and Splunk Admin roles. Administer, tune, and troubleshoot Splunk Enterprise Security, maintaining data models, correlation searches, and notable events pipeline. Configure and manage HEC (HTTP Event Collector) connections and onboard new data sources. Manage Splunk RBAC (Role-Based Access Control) including SAML and AD group integrations for search heads and API endpoints. Collaborate with security, infrastructure, application, and DevOps teams to ensure Splunk aligns with enterprise monitoring, compliance, and operational goals. Design and implement Splunk solutions supporting compliance frameworks (e.g., PCI DSS, HIPAA, SOX), including dashboard/report development and audit evidence. Research, evaluate, and implement new Splunk apps, add-ons, and integrations to enhance platform capabilities. Mentor junior Splunk engineers and guide cross-functional teams on Splunk best practices, search optimization, and data onboarding. Requirements 8+ years of IT experience in technical engineering, security operations, or infrastructure roles. 5+ years of direct, hands-on Splunk engineering and administration experience in large-scale, distributed environments. Expert-level knowledge of Splunk Enterprise and Splunk Enterprise Security, including architecture, clustering, and scaling strategies. Proficiency in Linux/Unix administration and shell scripting. Strong knowledge of Splunk APIs, including use for automation and tool integrations. Expertise in regex, field extractions, and key-value parsing. Strong programming/scriptingskills in one or more languages (Python, Bash, PowerShell, Perl, JavaScript). Experience with storage systems (DAS, SAN, object storage) and understanding of their performance implications for Splunk indexing. Solid understanding of networking (switches, routers, firewalls, load balancers, DNS, SSL/TLS) and how it impacts Splunk architecture. Familiarity with Enterprise Management and automation tools. Experience with Splunk ITSI (preferred) and other premium Splunk apps. Strong knowledge of data formats including JSON, XML, and CSV. Demonstrated experience delivering Splunk-based compliance reporting and audit support. Strong communication skills for interacting with technical and non-technical stakeholders. Proven ability to lead projects, mentor team members, and provide architectural guidance. Education & Certifications Bachelors degree in Computer Science, Information Systems, or related technical field (or equivalent experience). Splunk Certified Architect and/or Splunk Certified Consultant preferred. Additional certifications in security, cloud, or automation tools are a plus.

Key Responsibilities: Splunk ITSI Implementation: Develop and configure IT Service Intelligence (ITSI) modules, including KPI creation, service trees, and notable event aggregation. SIEM Development: Design, implement, and optimize Splunk SIEM solutions for threat detection, security monitoring, and log analysis. Dashboard & Visualization: Create advanced dashboards, reports, and visualizations using Splunk SPL (Search Processing Language). Data Ingestion & Parsing: Develop data onboarding, parsing, and field extractions from various log sources, including cloud and on-prem infrastructure.KeywordsITSI,SIEM,SIEM Development,Splunk SPL,Splunk ITSI Implementation,Splunk*Mandatory Key SkillsITSI,SIEM,SIEM Development,Splunk SPL,Splunk ITSI Implementation,Splunk*

Key Responsibilities:Splunk ITSI Implementation: Develop and configure IT Service Intelligence (ITSI) modules, including KPI creation, service trees, and notable event aggregation.SIEM Development: Design, implement, and optimize Splunk SIEM solutions for threat detection, security monitoring, and log analysis.Dashboard & Visualization: Create advanced dashboards, reports, and visualizations using Splunk SPL (Search Processing Language).Data Ingestion & Parsing: Develop data onboarding, parsing, and field extractions from various log sources, including cloud and on-prem infrastructure.KeywordsDashboard,Data Visualization,Splunk SPL,Data Ingestion,Splunk SIEM solutions,IT Service Intelligence,Splunk ITSI Implementation*Mandatory Key SkillsDashboard,Data Visualization,Splunk SPL,Data Ingestion,Splunk SIEM solutions,IT Service Intelligence,Splunk ITSI Implementation*

Key Responsibilities: Splunk ITSI Implementation: Develop and configure IT Service Intelligence (ITSI) modules, including KPI creation, service trees, and notable event aggregation. SIEM Development: Design, implement, and optimize Splunk SIEM solutions for threat detection, security monitoring, and log analysis. Dashboard & Visualization: Create advanced dashboards, reports, and visualizations using Splunk SPL (Search Processing Language). Data Ingestion & Parsing: Develop data onboarding, parsing, and field extractions from various log sources, including cloud and on-prem infrastructure. Mandatory Key Skills IT Service Intelligence,Data Ingestion,Splunk SPL,Splunk SIEM,SIEM Development,Splunk*

Key Responsibilities: Splunk ITSI Implementation: Develop and configure IT Service Intelligence (ITSI) modules, including KPI creation, service trees, and notable event aggregation. SIEM Development: Design, implement, and optimize Splunk SIEM solutions for threat detection, security monitoring, and log analysis. Dashboard & Visualization: Create advanced dashboards, reports, and visualizations using Splunk SPL (Search Processing Language). Data Ingestion & Parsing: Develop data onboarding, parsing, and field extractions from various log sources, including cloud and on-prem infrastructure. Mandatory Key SkillsIT Service Intelligence,Data Ingestion,Splunk SPL,Splunk SIEM,SIEM Development,Splunk*

Key Responsibilities: Splunk ITSI Implementation: Develop and configure IT Service Intelligence (ITSI) modules, including KPI creation, service trees, and notable event aggregation. SIEM Development: Design, implement, and optimize Splunk SIEM solutions for threat detection, security monitoring, and log analysis. Dashboard & Visualization: Create advanced dashboards, reports, and visualizations using Splunk SPL (Search Processing Language). Data Ingestion & Parsing: Develop data onboarding, parsing, and field extractions from various log sources, including cloud and on-prem infrastructure. Mandatory Key SkillsITSI,SIEM,SIEM Development,Splunk SPL,Splunk ITSI Implementation,Splunk*

Key Responsibilities: Splunk ITSI Implementation: Develop and configure IT Service Intelligence (ITSI) modules, including KPI creation, service trees, and notable event aggregation. SIEM Development: Design, implement, and optimize Splunk SIEM solutions for threat detection, security monitoring, and log analysis. Dashboard & Visualization: Create advanced dashboards, reports, and visualizations using Splunk SPL (Search Processing Language). Data Ingestion & Parsing: Develop data onboarding, parsing, and field extractions from various log sources, including cloud and on-prem infrastructure. Mandatory Key SkillsSplunk ITSI Implementation,IT Service Intelligence,SIEM Development,Search Processing Language,Data Ingestion,Splunk*

Job Summary Proficient in Splunks architecture query language and best practices including monitoring troubleshooting and maintaining systems. Ability to identify and resolve issues analyse complex problems and understand system behaviour at scale Responsibilities Proven experience in a DevOps SRE or Technical Operations role. Demonstrated ability to meticulously follow technical runbooks and documented procedures. Hands on experience with cloud platforms AWS or GCP. Experience with orchestration tools preferably Puppet. Proficiency in a scripting language preferably Python. Strong troubleshooting and debugging skills. 24 by 7 coverage Good English verbal and written proficiency 2 to 5 years in Splunk administration engineering or support Splunk Search Dashboards ITSI optional troubleshooting and maintaining systems ServiceNow workflows Familiar with working in a compliance-driven engagement mode Certifications Required Splunk Core Certified Admin and Power User ITIL Foundation for change process understanding Puppet andAnsible certification Desirable

Job Title: Splunk SIEM Specialist Position Overview We are seeking an experienced Splunk SIEM Specialist to design, implement, and manage enterprise-level SIEM solutions. The role involves end-to-end Splunk administration, log source onboarding, detection content development, and platform optimization to enhance our organizations security monitoring and incident detection capabilities. The ideal candidate will bring strong expertise in Splunk Enterprise Security along with a solid understanding of security operations and log management. Key Responsibilities Lead and execute SIEM migrations and implementations , including planning, deployment, and validation. Onboard and normalize diverse log sources into Splunk, ensuring CIM (Common Information Model) compliance. Develop and optimize detection content such as correlation rules, dashboards, alerts, and reports. Troubleshoot and resolve issues related to log ingestion, parsing, and Splunk platform performance . Perform regular platform administration and optimization including indexing, storage, and search tuning. Manage Splunk components ( indexers, search heads, forwarders ) and oversee upgrades and patches. Deploy and configure Splunk SIEM solutions across on-premises and cloud environments . Conduct gap analysis of log sources and use cases; develop new use cases aligned with emerging threats. Collaborate with stakeholders and security teams to deliver actionable monitoring and threat detection solutions. Required Skills & Qualifications Minimum 3 years of hands-on experience with Splunk SIEM (Enterprise Security preferred). Strong understanding of SIEM concepts, log management, and SOC operations . Proven experience in log source onboarding, parsing, and CIM compliance . Expertise in detection content creation (correlation rules, dashboards, alerts) and tuning. Solid troubleshooting skills for both Splunk platform and security content . Experience in Splunk deployment, administration, and health monitoring . Ability to conduct gap analysis and provide actionable recommendations. Strong communication and documentation skills. Relevant certifications (e.g., Splunk Certified Admin, Splunk Enterprise Admin, Splunk Certified Architect ) are an advantage. Preferred Experience Strong knowledge of security fundamentals and threat detection . Hands-on experience with cloud SIEM deployments (AWS, Azure, GCP). Familiarity with scripting languages (Python, Bash) for automation. Exposure to other SIEM platforms ( QRadar, Sentinel, XSIAM, SecOps ) is beneficial.

About The Role Project Role : Infra Tech Support Practitioner Project Role Description : Provide ongoing technical support and maintenance of production and development systems and software products (both remote and onsite) and for configured services running on various platforms (operating within a defined operating model and processes). Provide hardware/software support and implement technology at the operating system-level across all server and network areas, and for particular software solutions/vendors/brands. Work includes L1 and L2/ basic and intermediate level troubleshooting. Must have skills : System Monitoring Tools & Techniques Good to have skills : Splunk Administration, AppDynamics Administration, Dynatrace Administration Minimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Infra Tech Support Practitioner, you will engage in the ongoing technical support and maintenance of production and development systems and software products. Your typical day will involve addressing various technical issues, providing solutions for configured services across multiple platforms, and ensuring the smooth operation of hardware and software systems. You will work both remotely and onsite, collaborating with team members to troubleshoot and resolve issues effectively, while adhering to defined operating models and processes. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Assist in the implementation of technology at the operating system level across all server and network areas.- Provide hardware and software support for various software solutions, vendors, and brands. Professional & Technical Skills: - Must To Have Skills: Proficiency in System Monitoring Tools & Techniques.- Good To Have Skills: Experience with Splunk Administration, Dynatrace Administration, AppDynamics Administration.- Strong understanding of system performance metrics and monitoring best practices.- Experience with troubleshooting and resolving technical issues in production environments.- Familiarity with network protocols and server configurations. Additional Information:- The candidate should have minimum 2 years of experience in System Monitoring Tools & Techniques.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

The role of an Infra Tech Support Practitioner involves providing ongoing technical support and maintenance for production and development systems and software products. This support can be provided both remotely and on-site, adhering to defined operating models and processes. The responsibilities include offering hardware/software support, implementing technology at the operating system level for various server and network areas, and supporting specific software solutions from different vendors. The role also includes basic and intermediate level troubleshooting. As a Splunk Administrator, you will play a crucial role in ensuring the smooth functioning of systems and software products. Daily tasks may include managing multi-site clustering, maintaining indexes, creating monitoring jobs for alerts, troubleshooting issues, and maintaining necessary documentation. Key Responsibilities: - Setting up Multi-Site Clustering with replication strategies - Managing Indexes, Summary Indexes, DM Acceleration, and Scheduled searches - Installing/upgrading Splunk software - Creating monitoring jobs for alerts - Troubleshooting issues via log analysis - Working with YAML/Ansible for automation - Strong architecture knowledge in distributed search, index lifecycle, cluster management, etc. - Proficiency in UNIX platform and basic networking skills - Experience with Azure DevOps/CICD pipelines - Working in Azure Cloud environment - Core Splunk Enterprise Administration skills - Understanding business requirements and translating them into solution designs - Quality-oriented, committed, pragmatic, and solution-oriented - Strong communication and teamwork skills Minimum Requirement: - Minimum 5 years of experience - Educational Qualification: Graduate/full-time degree Professional Attributes: - At least 3.5 years of experience as a Splunk administrator - Ability to understand and convert business requirements into solution designs - Quality-oriented and committed to delivering results - Strong team player with excellent communication skills Additional Information: - Willingness to support a 24*7 environment with rotational shifts Please note that the role requires expertise in Splunk Administration as the primary skill and familiarity with other technical aspects mentioned in the job description.,

Hi All, We are hiring for Splunk Admin role for Noida, Pune, Bangalore and Hyderabad. Role & responsibilities Core Splunk Admin experience. Linux Operating System. Any cloud experience. Mail your Cv- varsha.si@peoplefy.com NOTE : Rotational shift.

Hi All, We are hiring for Splunk Admin role for Noida, Pune, Bangalore and Hyderabad. Role & responsibilities Core Splunk Admin experience. Linux Operating System. Any cloud experience. Mail your Cv- chaitrali.pa@peoplefy.com NOTE : Rotational shift.

Hi All, We are hiring for Splunk Admin role for Noida, Pune, Bangalore and Hyderabad. Role & responsibilities Core Splunk Admin experience. Linux Operating System. Any cloud experience. NOTE : Rotational shift.

Key skill: Splunk Admin , Syslog-ng, Ansible, Cribl OR Datadog ( Good to have) Experience: 1.Experience in Splunk Architecture, Administration and Development 2.Familiarity with Splunk Syslog-ng or working with Splunk Enterprise Security 3.Hands-on experience in assessing, designing, troubleshooting, implementing and operating cluster, distributed and cloud Splunk environment 4.Proficient in Splunk Query Language (SPL) and experienced in developing drill down, Custom Dashboards and Reports 5.Experience in optimizing onboarding and using Splunk add-on and Splunk Apps 6.Experience in managing complex data 7.Experience in optimizing applications - to reduce impact on resources 8.Hands-on experience in searches, macros, event type, lookup etc. 9.Strong understanding on the Splunk CIM 10.Strong experience in log/Unix administration (On-Prem) preferably with UNIX experience 11.Logging technologies including syslog SC4S, Windows Event collectors and agent-based data acquisition 12.Experience working on Splunk Enterprise Security 13.Familiarity with shell scripting i.e. bash/Linux - being able to use Shell 14.Experience with SED/SORT/Regex and parsing 15.Experience with scripting languages (e.g., Bash, Python) Exp- 7.5+ Yrs Location: Hyderabad/ Bangalore Interview process-1st Technical + 2nd Managerial+ 3rd Client interview

You will be expected to perform independently and become a Subject Matter Expert (SME) in the field. You are required to actively participate and contribute to team discussions, providing solutions to work-related problems while ensuring timely resolution of technical issues. Collaboration with cross-functional teams to address system and software issues will be a key aspect of your role. It will be essential to maintain documentation of system configurations and troubleshooting procedures, as well as implementing system upgrades and patches. Additionally, you will be responsible for providing training and guidance to junior team members. Professional & Technical Skills: - Must To Have Skills: Proficiency in AppDynamics Administration. - Good To Have Skills: Experience with Splunk Administration. - Strong understanding of system administration principles. - Knowledge of network protocols and configurations. - Experience in troubleshooting hardware and software issues. The candidate should possess a minimum of 4 years of experience in AppDynamics Administration.,

Project Role : Infra Tech Support Practitioner Project Role Description : Provide ongoing technical support and maintenance of production and development systems and software products (both remote and onsite) and for configured services running on various platforms (operating within a defined operating model and processes). Provide hardware/software support and implement technology at the operating system-level across all server and network areas, and for particular software solutions/vendors/brands. Work includes L1 and L2/ basic and intermediate level troubleshooting. Must have skills : Splunk Administration Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : Graduate fulltime degree Summary :As a Splunk Administrator, you will be responsible for providing ongoing technical support and maintenance of production and development systems and software products. Your typical day will involve providing hardware/software support and implementing technology at the operating system-level across all server and network areas, and for particular software solutions/vendors/brands. Key Responsibilities:-- Multi-Site Clustering (both Search heads & indexers stack) with replication strategies- Indexes management - Summary Indexes/DM Acceleration/Scheduled searches- Maintain Jobs & their performance- Splunk Install/Upgrade- Create & Develop Monitoring Jobs for alerts- Troubleshoot issues/error via different logs- SPL (tune real-time searches)- DMC, DB Connect exposure & knowledge- Maintain & develop documents (SOPs) of the whole platform Technical Experience:-- Experience of working with YAML/Ansible for automation- Strong Architecture knowledge (distributed search/index lifecycle/cluster bundle/manage apps/rolling operation/buckets management)- Comfortable working with UNIX Platform - Basic Networking Skills- Azure DevOps/CICD pipelines for code deploy- Experience of working into Azure Cloud environment- Strong skills into core Splunk Enterprise Administration (Admin certified-preferable) Professional Attributes:-- An individual should have a proven experience of at least 3.5 years as a Splunk administrator.- Hold great ability to understand the business requirements and converting them into solution designs,- Should be quality oriented,- Committed to deliver, pragmatic and solution oriented, and most importantly a team player and with great communication skills. Educational Qualifications:-- Graduate/full time degree Additional Information:- - To support 24*7 environment with rotational shifts Qualification Graduate fulltime degree

About The Role Project Role : Technology Support Engineer Project Role Description : Resolve incidents and problems across multiple business system components and ensure operational stability. Create and implement Requests for Change (RFC) and update knowledge base articles to support effective troubleshooting. Collaborate with vendors and help service management teams with issue analysis and resolution. Must have skills : Splunk Administration Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Technology Support Engineer, you will engage in resolving incidents and problems across various business system components, ensuring operational stability. Your typical day will involve collaborating with different teams, implementing Requests for Change, and updating knowledge base articles to enhance troubleshooting effectiveness. You will also work closely with vendors and service management teams to analyze and resolve issues, contributing to a seamless operational environment. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions for junior team members to enhance their skills.- Monitor system performance and proactively identify areas for improvement. Professional & Technical Skills: - Must To Have Skills: Proficiency in Splunk Administration.- Strong understanding of incident management processes.- Experience with system monitoring and performance tuning.- Familiarity with change management practices.- Ability to create and maintain technical documentation. Additional Information:- The candidate should have minimum 5 years of experience in Splunk Administration.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Technology Support Engineer Project Role Description : Resolve incidents and problems across multiple business system components and ensure operational stability. Create and implement Requests for Change (RFC) and update knowledge base articles to support effective troubleshooting. Collaborate with vendors and help service management teams with issue analysis and resolution. Must have skills : Splunk Administration Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a Senior Engineer Splunk Observability & ITSI to lead the design, deployment, and optimization of observability solutions across our enterprise systems. This role requires deep expertise in Splunk Observability Cloud and Splunk ITSI (IT Service Intelligence) to provide real-time insights, improve system reliability, and drive actionable intelligence through telemetry and service modeling. Roles and responsibilities:- Lead architecture and implementation of observability platforms using Splunk APM, Infrastructure Monitoring, Log Observer, RUM, and Synthetic Monitoring.- Implement OpenTelemetry for distributed tracing and correlation between logs, metrics, and traces.- Define golden signals, SLIs, SLOs, and ensure end-to-end service health visibility.- Design and configure Splunk ITSI Glass Tables, KPIs, Service Trees, and Notable Events.- Integrate ITSI with logs, APM, infrastructure monitoring, and external event sources (e.g., ServiceNow, CMDB).- Develop correlation rules and predictive analytics using machine learning within ITSI.- Drive business-centric service monitoring using entity modeling and service mapping.- Create proactive monitoring with anomaly detection, baselining, and predictive alerting.- Enable faster incident triage and root cause analysis using AIOps capabilities of ITSI.- Integrate ITSI with incident management tools like PagerDuty, Opsgenie, or ServiceNow.- Collaborate with SREs, DevOps, application teams, and business owners to define observability goals.- Lead onboarding of new services into observability and ITSI environments.- Deliver dashboards, runbooks, and observability as code (automation via Terraform or CI/CD).-Professional and Technical skills:- Bachelors degree in Computer Science, Engineering, or related field.- 6+ years in observability, DevOps, or SRE roles.- Hands-on experience with Splunk ITSI, including Service Designer, KPI creation, Glass Tables, and Episode Review.- 3+ years of working experience with Splunk Observability Cloud tools (SignalFx, APM, RUM, Infrastructure Monitoring, Log Observer).- In-depth understanding of OpenTelemetry, log aggregation, and metrics collection.- Strong experience with cloud-native technologies Kubernetes, Docker, AWS/Azure/GCP.- Scripting and automation skills (Python, Bash, Terraform).- Familiarity with ITSM/CMDB integration and service-centric monitoring.- Splunk Certifications (e.g., Splunk Core Certified Power User, Splunk ITSI Implementation, Observability Cloud Certified).- Familiarity with ITIL processes and integrations with ServiceNow, BMC, or other ITSM tools.- Experience with other observability/AIOps platforms (Datadog, Dynatrace, AppDynamics, Moogsoft, etc.).- Strong analytical and troubleshooting skills.- Excellent communication and documentation abilities.- Ability to lead initiatives and mentor junior engineers.- Proactive, collaborative, and business-outcome-driven mindset. Additional information:- The candidate should have minimum 3 years of experience.- The position is at our Gurugram office.- A 15 year full time education is required. Qualification 15 years full time education

Key Responsibilities Process Day to day Operational issues, requests and Project tasks Incident response and resolution within SLA's with excellent analytical and troubleshooting skills Providing all the necessary details to leads about the issue, steps taken, recommendation and any other relevant information Ticket Status Check and Update Respond to False Positive Alerts Incident Escalation and Progress Monitoring Create, review, update, and maintain Standard Operating Procedures. Prepare RCA for the escalated incidents. Perform the Shift handovers Security Incident Response: Leads the escalation as a point for security incidents. Analyze & investigate cyber threats on a real-time/day-to-day basis, involving alerts review, log analysis, and event/incident correlations. Prepare Document and Maintain Procedures, Response Plan, Runbooks, and associated processes for continuous improvement. Assist Analyst for security event and initial incident response to detected threats. Regularly review and recommend changes to policies or controls as needed to enhance security. Identifies potential gaps and offers solutions to include internal team needs, product improvements and client security posture. Develop reporting with focused messages to enable the stakeholders to understand their and responsibilities. Train and mentor, the peers and juniors in the team. SPLUNK Managing Splunk components such as indexer, forwarder, search head, etc Prepare Splunk dashboards. Install, Configure and Troubleshoot Universal forwarders. Triage of non-security alerts based on priority, problem identification and escalation. Escalate to designated contacts within Stratogent and Customer for issues outside SOPs, or when SOPs fail to resolve the issue. Work directly with delivery teams or customers to gather logging requirements. Convert Logging requirements into Splunk designs following best practices. Perform environment health checks. Update and / or create technical documentation. Must-have Skills: Prior Working Experience Must have worked on Splunk Performing incident handling, evidence acquisition, endpoint and Network,and Security Incident management Customer-focused Excellent communication skills (reading, writing, speaking and listening) Highly self-motivated and directed. Excellent attention to detail. Flexibility and willingness to work on different and multiple technologies Ability to effectively prioritize, organize and execute tasks in a high-pressure environment Good to have skills: Prior Work Experience Worked on any of the IAM and PAM tools. Certifications in Enterprise Admin or Cloud Admin of Splunk is an advantage Prior training and certification in communication is added advantage

About The Role Project Role : Cloud Platform Engineer Project Role Description : Designs, builds, tests, and deploys cloud application solutions that integrate cloud and non-cloud infrastructure. Can deploy infrastructure and platform environments, creates a proof of architecture to test architecture viability, security and performance. Must have skills : Splunk Administration Good to have skills : Splunk Enterprise Architecture and DesignMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Cloud Platform Engineer, you will be responsible for designing, building, testing, and deploying cloud application solutions that integrate cloud and non-cloud infrastructure. Your typical day will involve deploying infrastructure and platform environments, creating a proof of architecture to test architecture viability, security, and performance. You will play a crucial role in ensuring the success of cloud-based projects and driving innovation in cloud technology. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work-related problems.- Collaborate with cross-functional teams to design and implement cloud-based solutions.- Develop and maintain cloud infrastructure and platform environments.- Perform testing and troubleshooting of cloud applications and infrastructure.- Ensure the security and performance of cloud solutions.- Provide technical guidance and support to team members. Professional & Technical Skills: - Must To Have Skills: Proficiency in Splunk Administration.- Good To Have Skills: Experience with Splunk Enterprise Architecture and Design.- Strong understanding of cloud architecture and infrastructure.- Experience in deploying and managing cloud-based applications.- Knowledge of cloud security best practices.- Familiarity with automation tools and scripting languages.- Ability to troubleshoot and resolve issues in cloud environments. Additional Information:- The candidate should have a minimum of 3 years of experience in Splunk Administration.- This position is based at our Noida office.- A 15 years full-time education is required. Qualification 15 years full time education

Greetings !! We are looking for a skilled Splunk Administrator with hands-on experience in deploying and managing Splunk Enterprise and Splunk Cloud. The ideal candidate should have experience in Splunk Enterprise Security (ES), Splunk UBA, and IT Service Intelligence (ITSI). This role requires strong technical skills, along with the ability to communicate effectively with customers. Roles & Responsibilities: Splunk Deployment & Administration: Install, configure, and manage Splunk Enterprise and Splunk Cloud. Handle indexers, search heads, forwarders, and clustering. Optimize Splunk performance, storage, and scalability. Security & Splunk Monitoring Solutions: Implement and manage Splunk Enterprise Security (ES), Splunk UBA, and ITSI. Configure correlation searches, threat intelligence feeds, risk-based alerting (RBA), and dashboards. Troubleshoot security-related issues within Splunk. Customer Interaction & Troubleshooting: Engage with customers to understand their requirements and provide technical guidance. Troubleshoot and resolve Splunk-related issues, logs ingestion, parsing, and data onboarding. Splunk Architecture & Implementation: Design, deploy, and optimize Splunk Enterprise and Splunk Cloud environments. Lead end-to-end Splunk implementations, migrations, and upgrades. Manage search head clustering, indexer clustering, and data retention policies. Security & Observability Solutions: Architect and configure Splunk Enterprise Security (ES), Splunk UBA, and ITSI. Implement risk-based alerting (RBA), custom correlation searches, and advanced analytics. Integrate Splunk with SOAR, cloud platforms (AWS, Azure, GCP), and third-party security tools. Team Leadership & Customer Engagement: Lead and mentor a team of Splunk Administrators & Engineers. Interact with customers to gather requirements, design solutions, and conduct workshops etc. Review and improve Splunk use cases, dashboards, and data models. Optimization & Automation: Develop custom scripts (Python, Bash, PowerShell) for automation and orchestration. Tune Splunk performance, search queries, and indexing strategies. Implement best practices for data onboarding, parsing, and CIM compliance. Interested can share their updated resume to gayathri.ramaraj@locuz.com along with the below mentioned details. Current CTC: Expected CTC: Notice Period:

Your Role Administer and develop solutions usingSplunkandSplunk Security Essentialsto support enterprise security monitoring and analytics. Design, implement, and maintain Splunk dashboards, alerts, and reports to provide actionable insights into security events. UtilizeUNIX shell scripting or Pythonto automate data ingestion, parsing, and enrichment processes. Lead and manage security-related projects from planning through execution, ensuring timely delivery and alignment with business goals. Collaborate with cross-functional teams to define requirements, manage risks, and ensure stakeholder satisfaction. Your Profile 5 to 10 yearsof experience in IT security with a strong focus onSplunk administration and development. Proficiency inSplunk Security Essentials, data onboarding, and custom dashboard creation. Strong scripting skills inUNIX shellorPythonfor automation and integration. Solid understanding ofAgile/Scrum methodologiesand project lifecycle management. Proven experience in leading cross-functional teams and managing complex security projects. What You Will Love Working at Capgemini Work on cutting-edge security analytics platforms likeSplunkin enterprise-scale environments. Lead impactful projects that enhance cybersecurity posture for global clients. Clear career progression paths from engineering to leadership and consulting roles. Collaborate with diverse teams in a supportive, inclusive, and innovation-driven culture. Gain exposure to modern security frameworks, automation tools, and real-time threat intelligence.

Project Role : Technology Support Engineer Project Role Description : Resolve incidents and problems across multiple business system components and ensure operational stability. Create and implement Requests for Change (RFC) and update knowledge base articles to support effective troubleshooting. Collaborate with vendors and help service management teams with issue analysis and resolution. Must have skills : Splunk Administration Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a Senior Engineer Splunk Observability & ITSI to lead the design, deployment, and optimization of observability solutions across our enterprise systems. This role requires deep expertise in Splunk Observability Cloud and Splunk ITSI (IT Service Intelligence) to provide real-time insights, improve system reliability, and drive actionable intelligence through telemetry and service modeling. Roles and responsibilities:- Lead architecture and implementation of observability platforms using Splunk APM, Infrastructure Monitoring, Log Observer, RUM, and Synthetic Monitoring.- Implement OpenTelemetry for distributed tracing and correlation between logs, metrics, and traces.- Define golden signals, SLIs, SLOs, and ensure end-to-end service health visibility.- Design and configure Splunk ITSI Glass Tables, KPIs, Service Trees, and Notable Events.- Integrate ITSI with logs, APM, infrastructure monitoring, and external event sources (e.g., ServiceNow, CMDB).- Develop correlation rules and predictive analytics using machine learning within ITSI.- Drive business-centric service monitoring using entity modeling and service mapping.- Create proactive monitoring with anomaly detection, baselining, and predictive alerting.- Enable faster incident triage and root cause analysis using AIOps capabilities of ITSI.- Integrate ITSI with incident management tools like PagerDuty, Opsgenie, or ServiceNow.- Collaborate with SREs, DevOps, application teams, and business owners to define observability goals.- Lead onboarding of new services into observability and ITSI environments.- Deliver dashboards, runbooks, and observability as code (automation via Terraform or CI/CD).-Professional and Technical skills:- Bachelors degree in Computer Science, Engineering, or related field.- 6+ years in observability, DevOps, or SRE roles.- Hands-on experience with Splunk ITSI, including Service Designer, KPI creation, Glass Tables, and Episode Review.- 3+ years of working experience with Splunk Observability Cloud tools (SignalFx, APM, RUM, Infrastructure Monitoring, Log Observer).- In-depth understanding of OpenTelemetry, log aggregation, and metrics collection.- Strong experience with cloud-native technologies Kubernetes, Docker, AWS/Azure/GCP.- Scripting and automation skills (Python, Bash, Terraform).- Familiarity with ITSM/CMDB integration and service-centric monitoring.- Splunk Certifications (e.g., Splunk Core Certified Power User, Splunk ITSI Implementation, Observability Cloud Certified).- Familiarity with ITIL processes and integrations with ServiceNow, BMC, or other ITSM tools.- Experience with other observability/AIOps platforms (Datadog, Dynatrace, AppDynamics, Moogsoft, etc.).- Strong analytical and troubleshooting skills.- Excellent communication and documentation abilities.- Ability to lead initiatives and mentor junior engineers.- Proactive, collaborative, and business-outcome-driven mindset. Additional information:- The candidate should have minimum 3 years of experience.- The position is at our Gurugram office.- A 15 year full time education is required. Qualification 15 years full time education