Job Description
Our client is seeking a highly motivated and experienced Splunk Certified Implementation Engineer to join their team. A Splunk implementation engineer sets up, configures, and integrates Splunk software so organizations can collect, monitor, and analyze their machine and security data effectively.
Key responsibilities:
Splunk Architecture & Implementation
- Deliver end-to-end Splunk deployments, from environment scoping and architecture blueprinting through production cutover.
- Implement, install, and configure Splunk components.
- Implement federated search and analytics pipelines, enabling data-in-place querying.
- Build and tune data onboarding pipelines: configure inputs.conf, props.conf, and transforms.conf to normalize multi-vendor log sources at ingestion time into Splunk CIM-compliant data models.
- Develop and optimize SPL queries, macros, and scheduled searches to power operational detection use cases.
Cisco Data Fabric & Security Stack Integration
- Implement Splunk data ingestion pipelines from the Cisco security product suite: Cisco Secure Firewall (ASA/FTD), Cisco Secure IDS/IPS, Cisco Identity Services Engine (ISE), Cisco Umbrella, and Cisco ThousandEyes network intelligence telemetry.
- Configure and validate Cisco Secure Endpoint and Cisco Threat Grid integration with Splunk ES for advanced malware telemetry correlation.
- Integrate Cisco Meraki, Cisco Secure Network Analytics, and Cisco XDR with Splunk.
Operations & Day-to-Day Platform Management
- Maintain platform health and operational stability.
- Perform capacity planning, index lifecycle management, and Machine Data Lake tiering strategy to control costs without compromising retention SLAs.
- Execute Splunk version upgrades, patch deployments, and configuration management across all tiers using structured change management processes.
Broader Security Platform Responsibilities
- Manage and optimize next-generation security controls: Cisco Secure Firewall, Palo Alto Networks NGFWs, Fortinet FortiGate, VPN concentrators, Email/Web Security Gateways, and EDR/XDR platforms.
- Support Privileged Access Management (PAM) solutions and Database Activity Monitoring (DAM) platforms such as IBM Guardium as part of a holistic defense-in-depth security architecture.
- Lead client-facing implementation workshops, present technical architectures and security findings to both engineering and executive stakeholders, and deliver structured knowledge transfer sessions to upskill client security teams.
- Maintain accurate project documentation: HLD/LLD design artifacts, runbooks, architecture diagrams, and post-implementation reports.
Technical requirements:
Splunk Platform Expertise
- 5+ years of hands-on Splunk implementation experience in enterprise environments, including distributed multi-site deployments.
- Proven ability to architect and deploy distributed Splunk infrastructures: Indexer Clusters, Search Head Clusters, Heavy Forwarder pools, Deployment Server hierarchies, and Machine Data Lake tiers.
- Deep familiarity with Splunk Enterprise Security (ES): correlation searches, threat intelligence management, adaptive response, Risk-Based Alerting (RBA), and risk scoring frameworks.
- Working knowledge of Cisco Data Fabric architecture: federated search capabilities, data-in-place analytics, and the evolution from full-ingestion to hybrid/federated SIEM pipeline patterns.
- Familiarity with Splunk AI Toolkit, AI-assisted investigation workflows, and SOAR playbook development using Splunk SOAR is strongly advantageous.
Cisco & Network Security (Required)
- Hands-on experience integrating Cisco security products with Splunk: Secure Firewall (ASA/FTD), Secure IDS/IPS, ISE, Secure Endpoint, Umbrella, ThousandEyes, and Secure Network Analytics.
- Strong understanding of Cisco security event logging formats (syslog, eStreamer, REST/API telemetry) and their normalization into Splunk CIM data models.
- Working knowledge of network security fundamentals: firewall policy management, IDS/IPS tuning, and VPN configuration.
- Experience with additional NGFW platforms including Palo Alto Networks and Fortinet is advantageous.
Qualifications:
- Bachelor's degree in Computer Science, Information Technology, or a related field, or equivalent demonstrable experience.
- Minimum 5 years of technical experience in cybersecurity implementation and professional services delivery.
- Strong client-facing skills: ability to present complex security architectures to both engineering and executive audiences.
- Excellent written and verbal communication skills in English; Arabic proficiency is advantageous for client engagements in Oman.
Certifications:
Splunk Cybersecurity Defense Track | Security Operations Focus
- Splunk Certified Cybersecurity Defense Analyst
- Splunk Certified Cybersecurity Defense Engineer
- Splunk Certified Cybersecurity Defense Architect
Splunk Platform Administration Track | Infrastructure / Deployment Focus
- Splunk Enterprise Certified Admin
- Splunk Enterprise Security Certified Admin
- Splunk Enterprise Certified Architect
- Splunk SOAR Certified Automation Developer
Cisco Security Certifications
- Cisco Certified Internetwork Expert Security (CCIE Security)
- Cisco Certified Network Professional Security (CCNP Security)
Broader Security Certifications
- Certified Information Systems Security Professional (CISSP)
- Certified Ethical Hacker (CEH)
- GIAC Security Operations Certified (GSOC)