[Hiring] Splunk Specialist @Optimas AI

Role Description

We are seeking a skilled and proactive Splunk Engineer to lead and manage, enhance SOC operations for a UAE based client.

• Play a critical role in ensuring the effectiveness of our Splunk SIEM based SOC.
• Enhance use cases and playbooks, and address incident management gaps.
• Work with the Security Manager to improve Threat detections, improve Risk scoring and powerful case response.
• Collaborate closely with a remote SOC team in India to meet client requirements and improve overall SOC performance and effectiveness.

Qualifications

• 5+ years of experience in Splunk Admin operations, including at least 3 years as a Splunk Engineer or equivalent role.
• Proficiency in Splunk Enterprise Security, including developing and maintaining use cases, dashboards, and playbooks.
• Strong understanding of SIEM concepts, architecture, best practices.
• Proficiency in scripting, automation and query languages (Regex, SQL, Python, Bash etc.).
• Familiarity with Windows, Linux, & network device log formats.
• Basic knowledge of security frameworks such as NIST, ISO 27001, or MITRE ATT&CK.
• Proven experience in incident management and threat analysis.
• Hands-on expertise in security monitoring, log analysis, threat hunting.
• Knowledge of network security, endpoint security, and cloud security concepts and architecture.
• Strong communication and client management skills.
• Good troubleshooting and problem-solving attitude.
• Capable to work under pressure and manage multiple priorities.
• Familiarity with UAE regulatory frameworks & compliance requirements (Optional, e.g. UAE IAR).

Requirements

• Develop, optimize, and maintain Splunk use cases, dashboards, alerts, and reports to enhance SOC capabilities.
• Design and implement effective Splunk playbooks for incident detection, response, and escalation.
• Conduct regular health checks and performance tuning of Splunk environments.
• Coordinate weekly with the Security Manager (Sr. Consultant), report and take directions.
• Participate in meetings with the client IT teams and stakeholders along with the Security Manager.
• Develop and fine-tune correlation rules, alarms, and dashboards for advanced threat detection.
• Identify gaps in existing use cases and recommend improvements.
• Identify gaps in current SOC operations and implement corrective actions.
• Provide hands-on support for advanced incident analysis and forensic investigations.
• Ensure consistent and accurate incident reporting to stakeholders.
• Act as the primary point of contact for client escalations related to SOC operations.
• Collaborate with the Security Manager to align SOC deliverables with client expectations.
• Participate in regular client meetings to report on SOC performance and improvements.

Benefits

• Education: Bachelor’s degree in Information Technology, Cybersecurity, or related field.
• Splunk certifications (e.g., Splunk Certified Admin, Splunk Certified Power User, Splunk Certified Architect).
• Other Cybersecurity certifications will be an added advantage (e.g., CEH, Application Security, OWASP Top 10, ISO 27001, CSA (Certified SOC analyst), Certified Incident Handler (CIH)).