Posted: 1 day ago
Platform:
Hybrid
Full Time
Role Overview:
The Splunk Engineer / Administrator will be responsible for designing, implementing, and maintaining Splunk environments, including SIEM, SOAR, and UEBA components. This role supports security operations by enabling advanced analytics, automation, and incident response capabilities.
Key Responsibilities:
SIEM (Splunk Enterprise Security):
• Administer and optimize Splunk Enterprise Security (ES) for log management, ingestion, normalization, and correlation.
• Develop and maintain dashboards, alerts, saved searches, and reports.
• Onboard data sources and ensure CIM compliance.
• Implement risk scoring models to identify suspicious access events and reduce false positives.
SOAR (Security Orchestration, Automation, and Response):
• Administer Splunk SOAR (formerly Phantom), including cluster and PostgresDB environments.
• Develop and maintain playbooks for automated incident response.
• Create Python-based custom functions to enhance playbook capabilities.
• Integrate AI models to improve alerting and operational efficiency.
UEBA (User and Entity Behavior Analytics):
• Develop use cases and dashboards for behavior analytics.
• Integrate UEBA models with Splunk ES and SOAR for enhanced threat detection.
General Splunk Administration:
• Install, configure, and troubleshoot Splunk components (indexers, search heads, forwarders).
• Develop custom Splunk apps and add-ons using SPL, Python, SimpleXML, JavaScript, or Bash.
• Monitor and troubleshoot performance issues.
• Ensure compliance with ISO 27001, ITIL, and internal security standards.
Required Skills & Experience:
• 5+ years of experience in Splunk administration and engineering.
• Strong knowledge of Splunk architecture, SPL, and data modeling.
• Experience with Python, Bash, and web technologies (JavaScript, CSS).
• Familiarity with SIEM, SOAR, and UEBA concepts and tools.
• Experience in a Cyber Security Operations Center (CSOC) is a plus.
Certifications:
• Splunk Enterprise Certified Architect (Required)
• Splunk ES Administration Certification (Required)
• Splunk SOAR Administration Certification (Required)
• Splunk UEBA Administration Certification (Required)
• Splunk Core Certified Consultant (Preferred)
Education:
• Bachelor's degree in Computer Science or Information Technology
Capgemini