Job Openings Splunk Certified Architect

About the job Splunk Certified Architect

Job Title: Splunk Certified Architect

Location: Dubai, United Arab Emirates / Muscat, Oman

Experience: Minimum 5 years

Job Type: Full-time

Salary: Competitive, based on experience

Job Summary

We are seeking a highly skilled Splunk Architect with a minimum of 5 years of experience to design, deploy, and optimize end-to-end Splunk implementations, including both Security (SIEM) and/or Observability use cases. The ideal candidate will have hands-on experience with large-scale, production-grade Splunk rollouts (including turnkey implementations) and possess excellent communication and documentation skills to support enterprise-grade delivery in a fast-paced environment.

Key Responsibilities

  • Architect and implement Splunk Enterprise and Splunk Cloud solutions across security and observability domains.
  • Lead turnkey Splunk deployments, including architecture design, indexing strategy, data onboarding, and visualization.
  • Develop and optimize correlation searches, dashboards, reports, and alerts across IT and security use cases.
  • Design data ingestion pipelines from various sources: Syslog, APIs, cloud logs, firewalls, applications, etc.
  • Collaborate with stakeholders across cybersecurity, IT operations, DevOps, and compliance teams.
  • Translate business and technical requirements into scalable and efficient Splunk architectures.
  • Deliver high-quality technical documentation, architecture diagrams, SOPs, and handover materials.
  • Provide technical leadership and mentor junior Splunk engineers and administrators.
  • Work with SOC/NOC teams to integrate Splunk with SOAR tools, threat intel feeds, and MITRE ATT&CK.
  • Assist with capacity planning, license optimization, and upgrade/migration planning.

Required Qualifications

  • Minimum 5 years of hands-on Splunk experience, with 2+ years in an architect-level role
  • Proven success in turnkey Splunk implementations from planning to go-live
  • Expertise in both Splunk Enterprise Security (ES) and ITSI/Observability
  • Strong knowledge of search processing language (SPL) and KV store optimizations
  • Familiarity with cloud integrations (AWS, Azure, GCP) and hybrid log ingestion
  • Solid understanding of data modeling, CIM compliance, and security data normalization
  • Experience integrating with SIEM, SOAR, CMDB, and threat intelligence platforms
  • Strong documentation skills using Confluence, Markdown, or Visio
  • Excellent verbal and written communication skills; capable of presenting to business and tech audiences

Preferred Qualifications

  • Splunk Certifications (Architect, Power User, Admin, ES Implementation)
  • Familiarity with frameworks like MITRE ATT&CK, NIST, ISO 27001, and ITIL
  • Experience working with Middle Eastern clients or in multicultural teams

Or refer someone