Sr. Splunk Engineer📣 Job Ad
| Contract Type | Full-time | |
| Workplace type | On-site | |
| Location | Riyadh |
Job Description
About the Role
DXC Technology is seeking a Sr. Splunk Engineer to join their team in Riyadh. This is a full-time position focused on designing, implementing, and maintaining Splunk solutions to support security monitoring and operational needs.
Key Responsibilities
- Design and implement end-to-end Splunk solutions, covering data ingestion, parsing, indexing, and search optimization.
- Develop and maintain custom correlation rules, alerts, dashboards, and visualizations for security monitoring and incident response.
- Onboard new log sources from infrastructure, security, application, and cloud systems using best practices (*, via UF, HF, syslog, APIs).
- Perform regular health checks, performance tuning for indexers and search heads, monitor license usage, and manage configuration backups.
- Support threat detection initiatives by translating security use cases into actionable Splunk queries and alerts.
- Assist in troubleshooting ingestion failures, parsing errors, and inefficient searches.
- Collaborate with SOC, threat intelligence, and infrastructure teams to ensure data relevance, completeness, and quality.
- Maintain Splunk Enterprise Security (ES) configurations, including CIM compliance, notables, and risk-based alerting (RBA).
- Implement and manage data retention policies and storage utilization in line with compliance requirements.
- Automate tasks and processes using scripts (Python, Bash, PowerShell) and configuration management tools as needed.
- Provide technical guidance and mentoring to junior Splunk engineers and analysts.
Required Experience and Skills
Candidates should possess a minimum of 5 years of hands-on experience in SIEM engineering, with at least 3 years specifically focused on Splunk Enterprise or Splunk Cloud. Proficiency in SPL (Search Processing Language), data onboarding, and CIM normalization is essential. Experience integrating diverse log sources, including firewalls, endpoints, cloud platforms (AWS, Azure), identity systems, and threat intelligence feeds, is required. A strong understanding of security operations, detection engineering, and incident response workflows is necessary. Familiarity with Splunk ES, UBA, ITSI, and SOAR is preferred but not mandatory. Experience with scripting and automation using Python, Bash, or PowerShell is also required. A good knowledge of networking, security protocols, and system administration (Windows/Linux) is expected. Exposure to regulatory and compliance requirements such as ISO 27001, NCA, SAMA, and PCI-DSS is beneficial.
Work Location and Type
This is a full-time position based in Riyadh, Saudi Arabia.
Requirements
- Requires 5-10 Years experience
Similar Jobs
You may also like
- Related Sr. Splunk Engineer Opportunities
- Sales Representative Jobs in Al Khobar
- Purchasing Manager Jobs in Al Khobar
- Graphic Designer Jobs in Al Khobar
- Host Jobs in Al Khobar
- Barista Jobs in Al Khobar
- Other Job Fields in Riyadh
- Sales Representative Jobs in Riyadh
- Purchasing Manager Jobs in Riyadh
- Graphic Designer Jobs in Riyadh
- Beauty Salon Manager Jobs in Riyadh
- Cashier Jobs in Riyadh
- Call Center Agent Jobs in Riyadh
- Host Jobs in Riyadh
- Operations Officer Jobs in Riyadh
- Barista Jobs in Riyadh
- HVAC Engineer Jobs in Riyadh
- Explore Jobs Across Saudi Arabia
- Cleaning worker Jobs in Dammam
- IT System Engineer Jobs in Riyadh
- Sales Specialist Jobs in Al Khobar
- Certified Trainer Jobs in Khamis Mushayt
- Physiotherapy Specialist Jobs in Jeddah
- General Accountant Jobs in Riyadh
- Intermediate School Teacher of Islamic Studies Jobs in Abha
- Oral and Maxillofacial Orthodontist Jobs in Makkah
- Sales Representative Jobs in Tabuk
- Promoter Jobs in Khamis Mushayt