Senior Splunk Engineer

Tamkeen Technologies
Riyadh
Date posted: 16/7/2025

Job description

Tamkeen Technologies is looking for a talented Senior Splunk Engineer to enhance our analytics and monitoring capabilities across the organization's IT infrastructure. In this role, you will be responsible for the design, development, and maintenance of Splunk-based solutions to collect, analyze, and visualize data for security and operational insights. You will work closely with various teams to implement best practices in data ingestion, dashboard creation, and alert configuration to support organizational goals. If you have a strong background in Splunk and a keen interest in data analytics, we encourage you to apply and join our innovative team.

Responsibilities

Administer and manage Splunk infrastructure across multiple clients in a multi-tenant MSSP environment

Design and implement data onboarding processes including parsing, indexing, and field extractions

Manage indexers, search heads, forwarders, and heavy forwarders for optimal performance

Troubleshoot and resolve Splunk performance, search latency, and data ingestion issues

Develop and optimize SPL queries, dashboards, alerts, and reports

Ensure high availability, performance, and scalability of the Splunk platform

Maintain forwarders, heavy indexers, search heads, and deployment servers

Perform troubleshooting and root cause analysis for log ingestion and performance issues

Support client onboarding, use case development, and data source integration

Collaborate with SOC analysts, threat hunters, and client security teams to enhance visibility and detection

Maintain compliance with internal security policies and relevant regulatory frameworks

Implement role-based access control (RBAC), data retention policies, and compliance configurations

Work closely with MSSP clients to understand their security monitoring requirements

Provide Splunk expertise, troubleshooting, and best practices to internal and external stakeholders

Produce documentation for architecture, configurations, processes, and operational runbooks

Requirements

Bachelor's degree in Information Security, Computer Science, or a related technical field

Minimum 3-5 years of experience as a Splunk Administrator, preferably in an MSSP or multi-client environment

Deep hands-on experience with Splunk Enterprise, Splunk Enterprise Security (ES), and Splunk architecture components

Strong knowledge of SPL, data onboarding (parsing, field extractions, props/transforms), and performance tuning

Experience with Splunk integrations, including threat intelligence feeds, SOAR, and third-party tools

Familiarity with Linux/Unix systems and scripting (e.g., Python, Bash, PowerShell)

Strong understanding of SIEM use cases, threat detection, and log analysis

Splunk certifications such as Splunk Certified Admin, Power User, or Architect are highly preferred

Splunk certifications (Splunk Certified Admin, Splunk ES Certified, Splunk Architect)
