Job Description
• Expertise: Splunk Enterprise Certified Admin, 3–5 years in log onboarding and integration.
• Responsibilities:
  ◦ Manage data source onboarding, parsing, and CIM alignment.
  ◦ Review and optimize data models and field extractions.
  ◦ Ensure integrations with security technologies (EDR, IAM, WAF, Firewalls, DLP, etc.).
  ◦ Manage troubleshooting of ingestion and parsing issues.
Job qualifications:
• Proven experience in managing enterprise Splunk environments at scale (preferably in banking/financial institutions).
• Certified Splunk engineers across architecture, administration, and use case development.
• Ability to provide at least 5 full-time technical resources.
• 24x7 support capabilities with SLA-driven response times.
• Familiarity with regulatory and compliance requirements in the financial sector (SAMA CSF, NCA, PCI DSS, etc.).