Noventiq Valuepoint - Splunk Engineer
Job Description
About company
Noventiq (Noventiq Holdings PLC) is a leading global solutions and services provider in digital transformation and cybersecurity, headquartered in London.
The company enables, facilitates, and accelerates digital transformation for its customers' businesses, connecting organizations across a comprehensive range of industries with best-in-class IT vendors, alongside its own services and proprietary solutions.
The company's rapid growth is underpinned by its three-dimensional strategy to expand its market penetration, product portfolio, and sales channels. This is supported by an active approach to M&A, positioning Noventiq to capitalize on the industry's ongoing consolidation. With around 6,400 employees globally, Noventiq operates in approximately 60 countries with significant growth potential in multiple regions including Latin America, EMEA, and APAC – with a notable presence in India.
Role: Senior Splunk Admin/Engineer/Senior Engineer
Experience Level: 5+ years
Work Location: Bangalore
Work Location: Noventiq ValuePoint, 3rd floor, Gopalan Innovation, Bannerghatta Road, Bengaluru
Depending on the project, the candidate needs to go onsite to the customer.
Work Model: In office, 5 days
Role Summary
We are seeking an experienced Senior Splunk Administrator responsible for deployment, configuration, optimization, and ongoing management of the Splunk environment, including SIEM use case development and automation support for SOC operations.
Key Responsibilities
Install, configure, and manage Splunk Enterprise / Splunk ES (Standalone, Distributed, Clustered).
Configure and maintain Indexers, Search Heads, Forwarders, Deployment Server, Cluster Master.
Onboard and integrate logs from servers, network devices, security tools, endpoints, and cloud platforms.
Perform use case creation, correlation rule development, and fine-tuning aligned with the MITRE ATT&CK framework.
Optimize detection logic to reduce false positives and improve alert quality.
Develop and maintain dashboards, alerts, reports, and advanced SPL queries.
Support SOAR playbook development and automation workflows for incident response (phishing, malware, ransomware, etc.).
Monitor Splunk platform health, performance tuning, EPS optimization, and storage management.
Troubleshoot ingestion, parsing (props.conf, transforms.conf), and search performance issues.
Implement RBAC, data retention policies, and security hardening.
Support version upgrades, patching, backup, and DR setup.