Splunk Engineer

Are you a Splunk expert ready to make an impact in a dynamic, security-focused environment? Join our team in Doha as a Splunk Onsite Engineer, where you'll lead the deployment and optimization of Splunk Enterprise Security (ES) for robust log management and observability.

What You’ll Do

• Deploy, configure, and maintain Splunk Enterprise in an on-premises setup.
• Manage ES Search Head, Indexers, and Indexer Storage for high availability and data integrity.
• Oversee data onboarding via Universal and Heavy Forwarders.
• Administer Splunk licensing, License Managers, and Cluster Managers.
• Build and refine searches, dashboards, and alerts for security and observability.
• Collaborate with cross-functional teams to integrate diverse log sources.
• Perform system health checks, upgrades, and patching.
• Document configurations and provide onsite support and training.

What You Bring

• Proven experience with Splunk Enterprise in on-prem environments.
• Deep knowledge of Splunk architecture, search management, and indexing.
• Hands-on expertise with forwarders, license management, and cluster operations.
• Strong skills in search optimization, troubleshooting, and dashboard creation.
• Excellent communication and documentation abilities.
• Ability to work independently and collaboratively.

Preferred Qualifications

• Splunk Certified Admin, Architect, or ES certifications.
• Experience with SIEM, observability, and scripting (Python, Bash).
• Familiarity with compliance frameworks and log management standards.
• Bachelor’s degree in an IT-related field