Splunk Engineer

Are you a Splunk expert ready to take on a high-impact role in a dynamic enterprise environment? We're looking for a Splunk Engineer to join our client in Doha, Qatar , focused on deploying and optimizing Splunk Enterprise Security (ES) for robust log management and observability.

This is an onsite position , offering the chance to work hands-on with a mission-critical Splunk infrastructure supporting security operations and driving actionable insights from machine data.

Key Responsibilities:

• Deploy, configure, and maintain Splunk Enterprise in an on-premises environment
• Manage ES Search Head, Indexers, and Indexer Storage for high availability and data integrity
• Oversee data collection via Universal and Heavy Forwarders; troubleshoot onboarding issues
• Administer Splunk license usage, License Managers, and Cluster Managers
• Develop and optimize search queries, dashboards, and alerts for security and observability
• Collaborate with IT, network, and security teams to integrate diverse log sources
• Perform system health checks, upgrades, and patch management
• Document configurations and provide onsite support and training

Required Skills & Experience:

• Proven hands-on experience with Splunk Enterprise in on-prem environments
• Deep understanding of ES Search Head, Indexers, and storage architecture
• Experience with Universal and Heavy Forwarders
• Strong skills in search optimization, dashboard creation, and alerting
• Familiarity with License and Cluster Manager operations
• Excellent troubleshooting, documentation, and communication skills

Preferred Qualifications:

• Splunk Certified Admin, Architect, or ES
• Experience with SIEM, observability, and scripting (Python, Bash)
• Knowledge of compliance frameworks and log management best practices
• Bachelor’s degree in IT or related field