Splunk Engineer - Enterprise Security & Platform Ownership

External
Nextiva · Bengaluru, India
Full-time · On-site · 3w ago
Capacity Planning · Compliance · Incident Response · Information Security · Move · Network Security

Responsibilities

  • Splunk Platform Engineering
      • Design, implement, and maintain Splunk Enterprise, Splunk Cloud, and Splunk Enterprise Security (ES)
      • Own the Splunk platform end-to-end, including architecture, configuration, and optimization
      • Design and manage indexer clusters, search head clusters, and deployment infrastructure
      • Define and manage forwarder architecture (Universal Forwarders vs Heavy Forwarders)
      • Ensure platform scalability, high availability, and performance
  • Data Ingestion & SIEM Operations
      • Work with infrastructure, DevOps, and application teams to onboard logs from all critical systems
      • Ensure data is CIM-compliant and suitable for security analytics
      • Optimize ingestion pipelines to balance visibility and licensing costs
      • Manage data retention policies and storage optimization
  • Enterprise Security (ES) Development
      • Design and implement correlation searches, alerts, dashboards, and reports
      • Build and enhance detection use cases to identify threats and anomalies
      • Develop and maintain data models, asset and identity frameworks
      • Improve ES maturity from basic alerting to advanced security monitoring and response
  • Performance & Capacity Management
      • Monitor and troubleshoot SIEM performance, including search latency and indexing delays
      • Manage capacity planning, licensing, and system growth
      • Perform system tuning and optimization for large-scale data environments
  • Automation & Integration
      • Integrate Splunk with SOAR platforms, ticketing systems, and other security tools
      • Develop automation for alert enrichment, response, and operational efficiency
      • Utilize scripting (Python, APIs) for automation and system integration
      • Apply AI/ML techniques to enhance detection and anomaly identification
  • Incident Response & Security Operations
      • Investigate and respond to security alerts and incidents
      • Perform root cause analysis and recommend corrective actions
      • Support incident response processes and on-call rotations
      • Improve detection and response workflows continuously
  • Security Governance & Compliance
      • Support implementation of security frameworks (ISO 27001, NIST, CIS, PCI)
      • Participate in audits, risk assessments, and compliance activities
      • Document monitoring, detection, and response procedures
      • Contribute to security policies, standards, and best practices
  • Competencies
      • Strong analytical problem-solving skills and attention to detail.
      • Organization, Time Management & Prioritization - Self-starter that focuses on key priorities; plans, organizes, schedules and executes on tasks and projects in an efficient and productive manner.
      • Ability to form productive relationships across the organization to accomplish information security objectives.
      • Ability and willingness to learn all aspects of the information security field.
      • Profes

Additional Information

Redefine the future of customer experiences. One conversation at a time. At Nextiva, we're reimagining how businesses connect, bringing together customer experience and team collaboration on a single, conversation centric platform. Powered by AI, driven by human innovation. Our culture is forward thinking, customer obsessed and built on the belief that meaningful connections drive better business outcomes. Whether it's through our signature Amazing Service®, the technology we create, or the experiences we cultivate, connection is at the core of who we are. If you're ready to collaborate with incredible people, make an impact, and help businesses everywhere deliver truly amazing experiences, this is where you belong.

Location: This is an onsite role based at Nextiva's Bengaluru office (Wilshire III by MFAR, 492, Hobli, RHB Colony, Mahadevapura, Bengaluru, Karnataka 560048). Working together onsite strengthens how we operate, enabling faster decisions, clearer communication, and stronger execution, so you can make a greater impact and move work forward with speed and clarity.

In-Office Expectation: This role is expected to work onsite five days per week, supporting a highly collaborative, in-person team environment.

The Information Security Engineer (Splunk SIEM) is responsible for the design, implementation, operation, and continuous improvement of the organization's Splunk-based log management and Security Information and Event Management (SIEM) platform. This role requires ownership of a hybrid Splunk environment (Splunk Enterprise and Splunk Cloud) and focuses on building and maturing Splunk Enterprise Security (ES) to provide actionable visibility into security events across infrastructure, applications, and cloud environments. The engineer will also support broader security operations, including incident response, threat detection, automation, and integration with other security tools.

Education & Experience

  • Bachelor's degree in Information Technology, Computer Science, or related field (or equivalent experience)
  • 5+ years of experience in:
      • Splunk administration/engineering
      • SIEM operations or security engineering
      • Infrastructure, cloud, or network security

