Senior Splunk ES Consultant

Sr. Splunk ES Consultant (Freelance) - 3 months- Riyadh, Saudi Arabia

At RELYzIT Talent, we don’t recruit — we build. We unite the top 2% of builders — engineers, architects, creators — into a movement across Europe and the GCC. Vetted through our VECTOR7™ Signal Stack, you’re not just hired, you’re chosen. This is more than work. This is where builders build the future.

About the Role

We are seeking a hands-on, Riyadh-based Sr. Splunk Enterprise Security Consultant for a freelance engagement with our client. This is a high-impact role in a high-pressure, regulated environment where your expertise will directly shape security outcomes. You’ll be the go-to builder for Splunk ES administration, driving mission-critical security operations and ensuring robust, audit-ready environments.

Why This Role Matters

Our client operates in a landscape where security, compliance, and real-time insights are non-negotiable. As a Splunk ES Consultant, you will be instrumental in architecting, optimizing, and troubleshooting the backbone of their security intelligence. Your work will empower teams to detect threats faster, respond smarter, and maintain the highest standards of compliance — making a tangible impact on business resilience and trust.

What You’ll Be Doing

• Administer and optimize Splunk Enterprise Security (ES) environments, including Indexers, Search Heads, and clustering.
• Deploy and manage Universal Forwarders (UF) and Heavy Forwarders (HF) for seamless data ingestion.
• Lead end-to-end data onboarding from diverse sources: Windows, Linux, network devices, cloud platforms, and APIs.
• Configure and fine-tune props.conf and transforms.conf for data normalization and enrichment.
• Implement and maintain CIM normalization to ensure consistent, actionable data models.
• Design, build, and optimize SPL queries, alerts, dashboards, and correlation rules for proactive threat detection.
• Troubleshoot ingestion delays, license issues, and search performance bottlenecks with precision and urgency.
• Integrate Splunk ES with critical security infrastructure: firewalls, proxies, EDR, Active Directory, and more.
• Collaborate with security and compliance teams to ensure audit readiness and evidence management.

Technical Skills & Experience

• Proven hands-on experience in Splunk ES administration (not just analysis).
• Deep knowledge of Indexers, Search Heads, clustering, and distributed Splunk architectures.
• Expertise in deploying and managing UF/HF, and onboarding data from multiple environments.
• Strong command of SPL, dashboard creation, alerting, and correlation rule development.
• Advanced troubleshooting skills for ingestion, licensing, and performance issues.
• Experience with CIM normalization and configuration of props.conf/transforms.conf.
• Integration experience with firewalls, proxies, EDR, and Active Directory.
• Bonus: Experience with Splunk ES use cases, incident triage, and UBA exposure.
• Bonus: Background in audit-ready, compliance-driven environments and ITIL awareness.

Mindset & Approach

• Builder mentality: You own outcomes, not just tasks.
• Problem-solver: You thrive in high-pressure, regulated environments and deliver under tight deadlines.
• Compliance-driven: You understand the importance of evidence, audit trails, and regulatory standards.
• Ready to hit the ground running — this is not a learning role.

Language Proficiency

• Fluent English required (spoken and written).

Other Requirements

• Based in Riyadh, Saudi Arabia.
• Freelance position with immediate start and project-based duration.
• Experience in regulated, audit-ready environments preferred.
• Awareness of ITIL or similar frameworks is a plus.

Ready to build the future with us? Upload your CV and join the movement of elite builders at RELYzIT Talent

.

#RELYzIT #TechJobs #FreelanceTalent #Riyadh #Splunk #SplunkES #SecurityEngineering #SIEM #CyberSecurity #VECTO

R7