Splunk Admin/ Specialist
Description
Cyber Gate Defense is looking for a skilled and dedicated Splunk Administrator to join our growing team in Abu Dhabi, UAE! If you're passionate about data, security, and optimizing Splunk environments to their fullest potential, we want to hear from you. As a Splunk Administrator, you will be crucial in managing, maintaining, and scaling our Splunk infrastructure, ensuring optimal performance and data integrity for our security and operational intelligence needs.

Key Responsibilities:

Splunk Infrastructure Management: Install, configure, and maintain Splunk Enterprise deployments, including indexers, search heads, forwarders, and deployment servers.
Performance Tuning & Optimization: Monitor Splunk system health, troubleshoot issues, and optimize performance for searches, dashboards, and data ingestion.
Data Onboarding & Management: Configure data inputs, manage data parsing, field extractions, and ensure data quality and integrity from various sources (logs, metrics, etc.).
User & Access Management: Administer Splunk users, roles, and permissions, ensuring adherence to security best practices.
Security & Compliance: Implement and maintain security controls within the Splunk environment, including data encryption, access logging, and compliance with organizational policies.
Troubleshooting & Support: Provide expert-level support for Splunk-related issues, working with internal teams to resolve problems efficiently.
Upgrade & Patch Management: Plan and execute Splunk upgrades, patches, and hotfixes with minimal downtime.
Documentation: Create and maintain comprehensive documentation for Splunk architecture, configurations, and operational procedures.
Collaboration: Work closely with security analysts, engineers, and other IT teams to understand their data requirements and provide tailored Splunk solutions.

Qualifications & Skills:

Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
5 to 8+ years of hands-on experience as a Splunk Administrator in an enterprise environment.
Proven expertise in Splunk Enterprise administration, including clustered environments (indexer clustering, search head clustering).
Strong understanding of Splunk architecture and components.
Proficiency in Splunk Search Processing Language (SPL) for complex queries, dashboards, and reports.
Experience with data onboarding from various sources (e.g., Windows, Linux, network devices, applications, cloud services).
Familiarity with regular expressions (regex) for data parsing.
Knowledge of scripting languages (e.g., Python, Shell) for automation is a plus.
Understanding of network protocols, security concepts, and IT operations.
Excellent problem-solving, analytical, and communication skills.
Splunk Certified Administrator or other relevant Splunk certifications are highly preferred.
Posted: 4th July 2025 6.51 am
Application Deadline: N/A