Urgent requirement for a Splunk Admin for our client in Bahrain
Core Responsibilities
- End‑to‑end Splunk administration and onboarding/integration of new log sources or requirements, parsing/normalization to Splunk.
- Splunk admin: cluster, indexer cluster, license, Splunk health/upgrade/DR, performance tuning & data model acceleration.
- Palo Alto XSOAR: playbook design, connectors/integrations, custom integrations.
Qualifications
- 5–8 years SOC experience; 3+ years Splunk administration; 2+ years XSOAR.
- Scripting (Python/PowerShell), Linux, networking, cloud logs (AWS/Azure), IR/ITIL.
- Certifications (preferred): Splunk Core Admin/ES, Palo Alto Cortex XSOAR Engineer.
- Nice to have: Cribl/syslog‑ng/Kafka, STIX/TAXII, bilingual (Arabic/English).
Skills: admin,splunk,xsoar,soc