×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Security Manager

Senior Splunk Security Engineer

Job in Riyadh, Riyadh Region, Saudi Arabia
Listing for: Acuative Middle East
Full Time position
Listed on 2026-02-14
Job specializations:
  • IT/Tech
    Cybersecurity, Security Manager
Salary/Wage Range or Industry Benchmark: 200000 - 300000 SAR Yearly SAR 200000.00 300000.00 YEAR
Job Description & How to Apply Below

Job Title:

Senior Splunk Security Engineer / Architect About Acuative

Acuative is a global IT solutions provider delivering world‑class managed services, managed solutions, and advanced network infrastructure support. We operate with a strong client‑first mindset, empowering organizations to scale securely and efficiently. Our success is driven by our people—we invest heavily in continuous learning, hands‑on experience, mentorship, and professional growth. At Acuative, you will join a collaborative, high‑performance environment built on professionalism, innovation, and measurable results.

Role Overview

We are seeking a highly skilled Senior Splunk Security Engineer / Architect to design, deploy, operate, and continuously enhance enterprise‑scale Splunk platforms. This role is responsible for full lifecycle ownership of the Splunk SIEM environment, including architecture, detection engineering, automation, compliance, and operational excellence. The ideal candidate combines deep technical expertise with strong ownership, documentation discipline, and stakeholder engagement.

Key Responsibilities Splunk Platform Architecture & Operations
  • Architect, deploy, and maintain distributed Splunk infrastructure components including Indexers, Search Heads, Deployer, Cluster Master, Deployment Server, and Heavy/Universal Forwarders.
  • Manage clustering, index replication, distributed search, and platform scalability.
  • Plan and execute Splunk upgrades, patching, disaster recovery testing, and failover scenarios.
  • Ensure continuous platform availability for SOC teams, analysts, and stakeholders.
  • Monitor and optimize resource utilization (CPU, memory, disk I/O), indexing rates, and license consumption.
  • Optimize SPL performance, scheduled searches, summary indexing, and job execution efficiency.
  • Design and enforce 100% logging baseline coverage across infrastructure, cloud platforms, applications, and endpoints.
  • Define and manage source types, parsing rules, field extractions, and CIM compliance.
  • Ensure data integrity, retention policies, and efficient data lifecycle management.
  • Validate log onboarding, normalization, and data consistency across all sources.
  • Maintain full asset visibility across ingestion, detection, and response layers.
Detection Engineering & Threat Coverage
  • Design, implement, and maintain comprehensive detection coverage mapped to the MITRE ATT&CK framework.
  • Build, tune, and optimize correlation searches, anomaly‑based detections, and risk‑based alerting.
  • Reduce alert noise and improve detection fidelity through enrichment, contextual logic, and continuous tuning.
  • Lead end‑to‑end use case development including design, mapping, implementation, tuning, validation, and documentation.
  • Ensure 100% asset and threat coverage across detection and response workflows.
Integration & Automation
  • Integrate Splunk with ITSM, SOAR, XDR, TIP, threat intelligence platforms, and external SaaS solutions.
  • Automate enrichment, tagging, asset classification, IOC ingestion, log validation, and incident response actions using APIs and scripts.
  • Enable seamless data exchange and orchestration across security and IT platforms.
Security, Access Control & Compliance
  • Ensure full regulatory compliance with applicable frameworks (e.g., NCA).
  • Implement and monitor access controls, audit logging, and data governance policies.
  • Provision and deprovision users based on least‑privilege and need‑to‑know principles.
  • Periodically review and validate access controls, administrative actions, and audit trails.
  • Support audit evidence collection, compliance reporting, and control mapping activities.
Governance, Documentation & Reporting
  • Maintain detailed architectural, operational, and troubleshooting documentation.
  • Enforce structured change management processes, including version control and rollback planning.
  • Track and review platform changes with full audit traceability.
  • Deliver recurring reports covering platform health, log coverage, detection effectiveness, threat coverage, and audit readiness.
  • Lead internal and external technical reviews, dashboards, and stakeholder engagements.
Required Qualifications
  • Strong hands‑on experience with Splunk Enterprise and Splunk Enterprise Security in distributed environments.
  • Proven expertise in clustering, performance tuning, SPL optimization, and large‑scale log onboarding.
  • Deep understanding of SIEM detection engineering, MITRE ATT&CK, and SOC operations.
  • Experience integrating Splunk with SOAR, ITSM, threat intelligence, and security tooling.
  • Strong scripting or automation skills (Python, Bash, REST APIs).
  • Solid understanding of security compliance, auditing, and regulatory requirements.
  • Excellent documentation, communication, and stakeholder engagement skills.
#J-18808-Ljbffr
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search