Splunk Enterprise & SOAR Administrator

 

Description:

We are seeking a certified Splunk Enterprise & SOAR Administrator to lead the development, integration, and administration of our Splunk Security and SOAR infrastructure. You’ll collaborate with security engineers to deliver powerful automation, alerting, and analytics capabilities for our SOC team.

✅ Key Responsibilities:

  • Administer and optimize Splunk Enterprise Security & SOAR platforms
  • Develop dashboards, correlation searches, and risk-based alerts using SPL, Python, and SimpleXML
  • Integrate business-critical systems with Splunk
  • Manage SOAR clusters, PostgresDB, and custom playbooks
  • Build custom apps, add-ons, and automation workflows
  • Enhance alerting using AI models and custom risk scoring
  • Collaborate with SOC for use cases and triage workflows

 

🎯 Mandatory Skills & Experience:

  • 5+ years of Splunk administration
  • Active Splunk Enterprise Certified Architect
  • Active Splunk SOAR Administrator Certification
  • Strong Python development skills
  • Experience with Splunk SimpleXML, JavaScript/CSS
  • Expertise in Splunk data modeling, apps, dashboards, reports
  • Solid knowledge of indexers, forwarders, search heads
  • Prior SOC (Cyber Security Operations Center) experience
  • Bachelor’s degree (IT, CS, or related)

Organization: Triac Solutions
Industry: Management Jobs
Occupational Category: SOAR Administrator
Job Location: Dubai, UAE
Shift Type: Morning
Job Type: Full Time
Gender: No Preference
Career Level: Experienced Professional
Experience: 5 Years
Posted at: 2025-06-13 10:23 am
Expires on: 2025-09-11