Splunk Engineer – Enterprise Security & Platform Ownership

This is an onsite role based at Nextiva’s Bengaluru office (Wilshire III by MFAR, 492, Hobli, RHB Colony, Mahadevapura, Bengaluru, Karnataka 560048). Working together onsite strengthens how we operate, enabling faster decisions, clearer communication, and stronger execution, so you can make a greater impact and move work forward with speed and clarity. 

In-Office Expectation: This role is expected to work onsite five days per week, supporting a highly collaborative, in-person team environment. 

The Information Security Engineer (Splunk SIEM) is responsible for the design, implementation, operation, and continuous improvement of the organization’s Splunk-based log management and Security Information and Event Management (SIEM) platform.

This role requires ownership of a hybrid Splunk environment (Splunk Enterprise and Splunk Cloud) and focuses on building and maturing Splunk Enterprise Security (ES) to provide actionable visibility into security events across infrastructure, applications, and cloud environments.

The engineer will also support broader security operations, including incident response, threat detection, automation, and integration with other security tools.

Education & Experience

• Bachelor’s degree in Information Technology, Computer Science, or related field (or equivalent experience)
• 5+ years of experience in:
  • Splunk administration/engineering
  • SIEM operations or security engineering
  • Infrastructure, cloud, or network security

Key Responsibilities

Splunk Platform Engineering

• Design, implement, and maintain Splunk Enterprise, Splunk Cloud, and Splunk Enterprise Security (ES)
• Own the Splunk platform end-to-end, including architecture, configuration, and optimization
• Design and manage indexer clusters, search head clusters, and deployment infrastructure
• Define and manage forwarder architecture (Universal Forwarders vs Heavy Forwarders)
• Ensure platform scalability, high availability, and performance

Data Ingestion & SIEM Operations

• Work with infrastructure, DevOps, and application teams to onboard logs from all critical systems
• Ensure data is CIM-compliant and suitable for security analytics
• Optimize ingestion pipelines to balance visibility and licensing costs
• Manage data retention policies and storage optimization

Enterprise Security (ES) Development

• Design and implement correlation searches, alerts, dashboards, and reports
• Build and enhance detection use cases to identify threats and anomalies
• Develop and maintain data models, asset and identity frameworks
• Improve ES maturity from basic alerting to advanced security monitoring and response

Performance & Capacity Management

• Monitor and troubleshoot SIEM performance, including search latency and indexing delays
• Manage capacity planning, licensing, and system growth
• Perform system tuning and optimization for large-scale data environments

Automation & Integration

• Integrate Splunk with SOAR platforms, ticketing systems, and other security tools
• Develop automation for alert enrichment, response, and operational efficiency
• Utilize scripting (Python, APIs) for automation and system integration
• Apply AI/ML techniques to enhance detection and anomaly identification

Incident Response & Security Operations

• Investigate and respond to security alerts and incidents
• Perform root cause analysis and recommend corrective actions
• Support incident response processes and on-call rotations
• Improve detection and response workflows continuously

Security Governance & Compliance

• Support implementation of security frameworks (ISO 27001, NIST, CIS, PCI)
• Participate in audits, risk assessments, and compliance activities
• Document monitoring, detection, and response procedures
• Contribute to security policies, standards, and best practices

Competencies

• Strong analytical problem-solving skills and attention to detail.
• Organization, Time Management & Prioritization - Self-starter that focuses on key priorities; plans, organizes, schedules and executes on tasks and projects in an efficient and productive manner.
• Ability to form productive relationships across the organization to accomplish information security objectives.
• Ability and willingness to learn all aspects of the information security field.
• Professional verbal and written communication skills in English.
• Expresses ideas using clear, effective, and efficient language. Listens patiently and attentively. Adapts to the purpose of the communication with appropriate style, substance, detail, confidence and channel. Possess the ability to manage multiple channels of communication simultaneously; phone, email, tickets, and chat.
• Able to assess, document, and prioritize identified security flaws and vulnerabilities based on risk.

Nextiva DNA (Core Competencies)

Nextiva’s most successful team members share common traits and behaviors:

• Drives Results: Action-oriented problem solvers who quickly bring clarity and simplicity to ambiguity, challenge the status quo, and lead meaningful change; celebrating wins to fuel momentum. They act swiftly and pragmatically, learning and improving as they go.
• Critical Thinker: Data-driven, forward-thinking individuals who identify key drivers, anticipate risks, and deliver clear recommendations. They confidently leverage AI and automation to reduce friction, improve decision-making, and focus on higher-value work.
• Right Attitude: Collaborative, competitive, and resilient team players who jump in to solve tough problems, learn from setbacks, and foster a culture of service, respect, and care for customers and teammates.

Total Rewards

Our Total Rewards offerings are designed to allow our employees to take care of themselves and their families so they can be their best, in and out of the office.

Our compensation packages are tailored to each role and candidate's qualifications. We consider a wide range of factors, including skills, experience, training, and certifications, when determining compensation. We aim to offer competitive salaries or wages that reflect the value you bring to our team. Depending on the position, compensation may include base salary and/or hourly wages, incentives, or bonuses.

• Medical 🩺 - Medical insurance coverage is available for employees, their spouse, and up to two dependent children with a limit of 500,000 INR, as well as their parents or in-laws for up to 300,000 INR. This comprehensive coverage ensures that essential healthcare needs are met for the entire family unit, providing peace of mind and security in times of medical necessity.
• Group Term & Group Personal Accident Insurance 💼 - Provides insurance coverage against the risk of death / injury during the policy period sustained due to an accident caused by violent, visible & external means.
  • Coverage Type - Employee Only
  • Sum Insured - 3 times of annual CTC with minimum cap of INR 10,00,000
  • Free Cover Limit - 1.5 Crore
• Work-Life Balance ⚖️ - 15 days of Privilege leaves per calendar year, 6 days of Paid Sick leave per calendar year, 6 days of Casual leave per calendar year. Paid 26 weeks of Maternity leaves, 1 week of Paternity leave, a day off on your Birthday, and paid holidays
• Financial Security💰 - Provident Fund & Gratuity
• Wellness 🤸‍ - Employee Assistance Program and comprehensive wellness initiatives
• Growth 🌱 - Access to ongoing learning and development opportunities and career advancement

At Nextiva, we're committed to supporting our employees' health, well-being, and professional growth. Join us and build a rewarding career! 

Beware of Recruitment Fraud: At Nextiva, we follow a merit-based hiring process and do not charge any fees or require a deposit at any stage.  We also do not authorize any third parties to collect payments or sensitive information on our behalf. 

All genuine communications from Nextiva originate from official email addresses ending in “@nextiva.com”.  Communications received from free email services (such as Gmail, Yahoo, or Hotmail) purporting to be from Nextiva should be treated as fraudulent.  If you are contacted by a third-party claiming to represent us, please verify their credentials by writing to [[email protected]]. 

We encourage candidates to stay vigilant and verify the authenticity of any communication claiming to be from Nextiva, including unsolicited calls, WhatsApp messages and Telegram communications. While we strive to maintain a secure hiring process, Nextiva is not responsible for any losses arising from fraudulent activities.

For genuine opportunities, please apply only through our official careers site: [Careers URL / Nextiva LinkedIn authentic jobs].

If you believe that you have been a victim of recruitment fraud, please contact your law enforcement agencies immediately.

#LI-SR1 #LI-Onsite