Senior Splunk Infrastructure Operations Engineer

Senior Splunk Infrastructure Operations Engineer

3M DATA specializes in building the technological foundations that power transformative initiatives across the Middle East. With deep expertise in Next-Generation Cloud Architecture, Digital Infrastructure, Cybersecurity, and Managed Services, we enable organizations to achieve extraordinary outcomes through modern digital platforms. Our mission is to empower large-scale, future‑focused programs with advanced technology solutions that drive innovation, resilience, and long‑term success.

We are seeking an experienced Senior Engineer specializing in Splunk Infrastructure Operations to lead the deployment, administration, and optimization of enterprise‑scale Splunk environments. This role requires strong technical ownership, hands‑on engineering experience, and the ability to operate in a hybrid model with a consistent on‑site presence.

The Senior Engineer will act as a subject‑matter expert, ensuring stable, scalable, and high‑performing Splunk operations while collaborating with cross‑functional teams, supporting SOC and IT functions, and driving continuous improvements across the platform.

• Lead the deployment, configuration, and lifecycle management of distributed Splunk Enterprise environments.
• Manage Splunk components including search heads, indexers, cluster masters, deployment servers, and forwarders.
• Ensure standardized rollout and optimization of Universal Forwarders across all systems.
• Monitor platform performance, indexing health, ingestion pipelines, and storage capacity.
• Troubleshoot and resolve complex issues related to Splunk components, parsing, search performance, and data ingestion.

• Manage end‑to‑end data onboarding workflows, including parsing, field extraction, and CIM alignment.
• Support data enrichment, normalization, and governance to enhance operational and security analytics.
• Develop dashboards, alerts, reports, and automation workflows to support SOC, IT Ops, and observability teams.

• Serve as the primary engineer responsible for real‑time technical support and incident handling.
• Coordinate with SOC, IT, cloud, and network teams to resolve issues and ensure best practices in Splunk operations.
• Lead improvement initiatives focused on performance tuning, system resilience, and operational maturity.
• Work closely with engineering, observability, and cybersecurity teams to support analytics and operational use cases.
• Deliver training sessions, technical workshops, and documentation to enhance internal team capabilities.
• Prepare and maintain detailed runbooks, architecture documentation, guidelines, and operational procedures.

• 8–10+ years of technical experience in SOC operations, SIEM/Splunk engineering, or infrastructure observability.
• Strong hands‑on experience with Splunk Enterprise, including search heads, indexers, clustering, and distributed architectures.
• Deep understanding of Linux administration, networking fundamentals, and log pipelines.
• Demonstrated ability to lead complex troubleshooting, root‑cause analysis, and platform optimization.
• Strong communication, stakeholder management, and technical leadership skills.

• Bachelor’s degree in Information Technology or Computer Science.
• Splunk
  
  Certifications:
  
  Core Certified Power User, Admin, or Architect.
• Experience with scripting/automation using Python, Bash, or similar tools.
• Familiarity with SOAR platforms, SIEM workflows, or automation frameworks.
• Background in enterprise‑scale observability, monitoring, or security operations.
• Experience working in hybrid operational models (on‑site + remote).

If you are passionate about cutting‑edge technology and ready to shape the digital future of Saudi Arabia, we welcome your application. Send your CV to: careersh

Be part of a team building the next generation of digital infrastructure in the Middle East.