Splunk SME - Cumulus Systems Pvt. Ltd.

Location: Pune, Maharashtra, India

Job ID: R0097122

Date Posted: 2025-06-13

Company Name: HITACHI INDIA PVT. LTD

Profession (Job Category): Other

Job Schedule: Full time

Remote: No

Job Description:

Job Title: Splunk SME

Designation: Senior Engineer/ Assistant Manager

Company: Cumulus Systems Pvt. Ltd.

Location: Pune, India

Salary: As per Industry

Company Overview:

Cumulus Systems provides end-to-end software development lifecycle services covering business and requirements analysis, solution architecture and design, development, testing, deployment and post-production support. Its cross-domain storage performance management platform, MARS (Measure Analyze Recommend Solve), monitors and helps manage large-scale, heterogeneous IT infrastructure across the entire enterprise.

Job Roles & Responsibilities:

1. Splunk Platform Implementation and Configuration:

  • Lead the deployment, configuration, and integration of Splunk with various data sources and security tools.

  • Ensure that Splunk instances (indexers, forwarders, search heads) are set up correctly and optimized for performance.

  • Customize Splunk for different security use cases (e.g., monitoring, incident detection, compliance reporting).

2. Data Collection and Ingestion:

  • Configure data inputs, forwarders, and data parsers for various log sources (e.g., network devices, firewalls, endpoints, servers).

  • Set up log forwarding and ensure efficient and secure data collection from a wide range of security and IT systems.

  • Ensure data normalization and correlation to make it usable for analysis and detection.

3. Search and Query Optimization:

  • Design and develop complex SPL (Search Processing Language) queries to analyze security data.

  • Optimize searches for performance and efficiency, especially when working with large datasets.

  • Create and maintain reports, dashboards, and alerts for security monitoring and incident response.

4. Incident Detection and Response:

  • Use Splunk to monitor security events in real time, identifying potential threats and anomalies.

  • Configure and fine-tune Splunk's correlation searches and alerts to ensure accurate detection of security incidents (e.g., intrusions, breaches).

  • Work with security operations teams to investigate incidents and provide actionable insights from Splunk data.

5. Security Monitoring and Threat Intelligence Integration:

  • Integrate external threat intelligence feeds into Splunk to enhance security monitoring.

  • Leverage Splunk’s machine learning capabilities to identify patterns of suspicious activity.

  • Create custom detection rules, machine learning models, and analytics to detect emerging threats.

6. Reporting and Compliance:

  • Generate and deliver automated security reports (e.g., for compliance frameworks like GDPR, PCI-DSS, HIPAA).

  • Ensure that Splunk data is properly indexed, categorized, and stored to support compliance and auditing requirements.

  • Create dashboards and visualizations for executives, managers, and technical teams to track security posture.

7. Splunk Tuning and Optimization:

  • Perform regular health checks of the Splunk environment to ensure high availability, scalability, and performance.

  • Tune Splunk configurations (indexing, search, data storage) to maintain optimal performance, especially during peak event loads.

  • Troubleshoot and resolve issues related to Splunk performance, data accuracy, or integration challenges.

8. Collaboration and Knowledge Sharing:

  • Work with other security teams (e.g., SOC, Incident Response, Threat Intelligence) to align Splunk’s capabilities with organizational security needs.

  • Provide training, mentoring, and best practices for other Splunk users and administrators.

  • Stay up to date with new features, apps, and updates to Splunk, and share knowledge with the team.

9. Documentation and Standards:

  • Maintain comprehensive documentation for Splunk configurations, use cases, search queries, and data pipelines.

  • Develop standard operating procedures (SOPs) for various Splunk-related tasks (e.g., creating reports, handling incidents, data ingestion).

  • Document Splunk customizations, integration processes, and automation to ensure consistency across teams.

Skills:

1. Experience and Technical Expertise:

  • Strong experience (3+ years) working with Splunk in a security operations environment.

  • Deep knowledge of Splunk's components (indexers, forwarders, search heads, and deployment servers).

  • Experience in creating and tuning SPL queries, developing Splunk apps, and managing Splunk Enterprise Security (ES).

  • Hands-on experience in data parsing, normalization, and event correlation using Splunk.

  • Proficient in integrating third-party tools, such as firewalls, intrusion detection systems (IDS), and vulnerability scanners, with Splunk.

2. Security Knowledge:

  • Strong understanding of SIEM use cases for security monitoring and incident detection.

  • Knowledge of network security, endpoint security, cloud security, and threat intelligence integration within a SIEM context.

  • Experience in detecting and responding to cybersecurity threats (e.g., malware, DDoS attacks, insider threats, APTs).

3. Cloud and Hybrid Environments:

  • Experience with hybrid environments, where on-premises and cloud data sources are integrated into Splunk.

  • Familiarity with deploying and managing Splunk in cloud environments (e.g., AWS, Azure, Google Cloud).

4. Collaboration and Communication:

  • Strong communication skills to work with cross-functional teams (SOC, IT, Compliance, etc.) and translate security data into actionable business insights.

  • Ability to communicate technical information effectively to both technical and non-technical stakeholders.

5. Problem-Solving and Troubleshooting:

  • Strong troubleshooting skills, particularly when dealing with complex data integration or performance issues in a Splunk environment.

  • Ability to identify root causes of security issues and design effective solutions using Splunk.

6. Data Analytics and Reporting Skills:

  • Ability to design and build custom dashboards, reports, and alerts to provide actionable insights from security data.

  • Proficiency in data visualization to communicate findings to both technical and non-technical stakeholders.

  • Knowledge of KPI and metric tracking for security and operational effectiveness.

7. Scripting and Automation:

  • Proficiency in scripting languages such as Python, Bash, or PowerShell for automation tasks.

  • Experience with Splunk REST API or SDKs to automate processes or integrate Splunk with other tools in the ecosystem.

Experience: 5+ Years

Please mention that you found this job on MoAIJobs, this helps us grow. Thank you!
