2P Perfect Presentation

Cyber Security Engineer (Splunk)

Riyadh, Riyadh Province, SA

13 days ago

Summary

We are seeking a skilled and proactive Splunk Engineer to lead the end-to-end administration, daily operations, and support of our Splunk environment. This platform is essential for our log management and Security Information and Event Management (SIEM) capabilities. The ideal candidate will ensure optimal system performance, data integrity, and security visibility through effective configuration, monitoring, and maintenance of the Splunk platform.


Key Responsibilities:


  • Install, configure, and manage Splunk instances (Enterprise, Cloud, or hybrid).
  • Onboard and manage new data sources, including configuring inputs, forwarders, and filters.
  • Develop and maintain dashboards, alerts, and reports for operational and security insights.
  • Manage user roles, access control, and data security policies within Splunk.
  • Perform regular updates, upgrades, and patching to maintain system health and security.
  • Implement best practices for indexing, data retention, and data lifecycle management.
  • Configure and fine-tune SIEM features including correlation searches and threat detection rules.
  • Monitor the health and performance of the Splunk environment, including resource utilization (CPU, memory, disk).
  • Proactively identify and resolve performance issues or system failures.
  • Perform daily log validation to ensure logs are ingested accurately and without loss.
  • Monitor search and index performance for speed and efficiency.
  • Ensure timely ingestion of critical security logs and event data from all essential systems and applications.


Qualifications:

  • Bachelor’s degree in Computer Science, Information Systems, or a related field.
  • Minimum of 3 years of hands-on experience in Splunk administration and operations.
  • Solid understanding of log management and SIEM concepts.
  • Experience with onboarding data sources and building dashboards and alerts.
  • Familiarity with enterprise security frameworks and best practices is preferred.
  • Splunk certifications (e.g., Splunk Core Certified Power User, Splunk Certified Admin) are a plus.
