Job Description
Overview
We are seeking an experienced Senior Splunk Engineer to take over and operate the on-premise Splunk SIEM platform. As part of the transition from Infosys, you will be responsible for stabilizing and continuously improving an existing enterprise‑scale SIEM environment.
You will own all Splunk operations across Plan & Build, 24/7 Operations, Release & Patch Management, CIM-based Log Onboarding, Parser development, Hardening, Configuration Management, and Incident/Problem/Change processes.
Responsibilities
1. Plan & Build
- Perform CIM-compliant log onboarding, parser creation, and documentation.
- Conduct onboarding due diligence and demand analysis.
- Create Firewall/VPN/Routing change requests and validate changes.
- Manage ingestion pipelines via Cribl, Syslog-ng (TLS), Splunk UF/HF, SCP.
- Deploy and scale Splunk components using Terraform and Ansible.
- Build trend and capacity analy...