Splunk Engineer

Are you a Splunk expert ready to take on a high-impact role in a dynamic enterprise environment? We're looking for a Splunk Engineer to join our client in Doha, Qatar, focused on deploying and optimizing Splunk Enterprise Security (ES) for robust log management and observability.

This is an onsite position, offering the chance to work hands-on with a mission-critical Splunk infrastructure supporting security operations and driving actionable insights from machine data.

Key Responsibilities:

• Deploy, configure, and maintain Splunk Enterprise in an on-premises environment
• Manage ES Search Head, Indexers, and Indexer Storage for high availability and data integrity
• Oversee data collection via Universal and Heavy Forwarders; troubleshoot onboarding issues
• Administer Splunk license usage, License Managers, and Cluster Managers
• Develop and optimize search queries, dashboards, and alerts for security and observability
• Collaborate with IT, network, and security teams to integrate diverse log sources
• Perform system health checks, upgrades, and patch management
• Document configurations and provide onsite support and training

Required Skills & Experience:

• Proven hands-on experience with Splunk Enterprise in on-prem environments
• Deep understanding of ES Search Head, Indexers, and storage architecture
• Experience with Universal and Heavy Forwarders
• Strong skills in search optimization, dashboard creation, and alerting
• Familiarity with License and Cluster Manager operations
• Excellent troubleshooting, documentation, and communication skills

Preferred Qualifications:

• Splunk Certified Admin, Architect, or ES
• Experience with SIEM, observability, and scripting (Python, Bash)
• Knowledge of compliance frameworks and log management best practices
• Bachelor’s degree in IT or related field