At Uni Systems, we are working towards turning digital visions into reality. We are continuously growing, and we are looking for a Splunk Specialist to join our UniQue team.
What will you be bringing to the team?
- Manage Splunk components deployed across 50+ T3 enclaves on high-side and low-side networks.
- Operate and maintain a T2 SIEM environment consisting of 80+ Linux servers (virtual and physical).
- Administer the full Splunk stack, including Splunk Enterprise, Splunk Enterprise Security, Splunk SOAR, and Splunk UBA.
- Manage Splunk deployments across 350+ servers in T2 and T3 environments.
- Implement and maintain automated deployment and configuration mechanisms using Ansible and Git.
- Collect logs from 20,000+ endpoints, appliances, and cloud solutions, ensuring end-to-end log lifecycle management.
- Integrate new data sources into the T2 Splunk environment and coordinate the deployment of devices hosting log sources with customers.
- Configure and manage Splunk components on Linux servers within T2 and T3 environments, including execution of privileged system-level activities.
- Coordinate with Linux OS management teams where responsibilities overlap.
- Ensure Splunk Enterprise Security is properly configured and correlation rules operate reliably.
- Maintain overall SIEM service quality, stability, and performance through continuous monitoring and optimization.
- Drive improvements in log coverage, data quality, and platform efficiency.
- Provide technical support related to SIEM platform usage and data ingestion (excluding security analysis and rule creation), coordinating with stakeholders when required.
- Define, maintain, and improve operational processes related to SIEM and log collection services.
- Develop, maintain, and keep technical and operational documentation up to date.
- Ensure compliance with internal processes, including Change Requests (CRs) and operational workflows.
- Manage user access, permissions, and role-based access controls (RBAC) within Splunk.
Requirements
What do you need to succeed in this position?
- Bachelor's degree.
- Minimum 2 years of experience working in complex and distributed environments.
- Proven experience managing and scaling complex Splunk environments, including Indexer Clustering, Search Head Clustering, and multi-site deployments.
- Deep knowledge of Splunk configuration files and data lifecycle management.
- Minimum 2 years of hands-on experience in a Linux environment, with a proven track record in:
  1) CLI and system navigation: advanced command-line operations, file system management, and permissions (UID/GID, ACLs).
  2) Service management: demonstrated ability to independently install, configure, and troubleshoot application services (specifically Splunk) on Linux-based servers.
  3) Technical scope: the focus is on application-level deployment; hardware configuration and kernel-level patching are excluded from the minimum requirements.
- Solid understanding of DNS, HTTP(S), SSH, syslog, TCP/IP, and TLS/SSL.
- Strong grasp of IT security principles, including log integrity, encryption in transit, and Role-Based Access Control (RBAC).
- Demonstrated ability to create and execute Ansible playbooks for automated infrastructure and configuration management.
- Proven ability to write and maintain functional scripts in Python and Bash for data processing or task automation.
- Proficiency in using GitHub (or similar Git-based tools) for configuration management, including branching, committing, and merging code.
- Excellent command of the English language (verbal and written).
At Uni Systems, we provide equal employment opportunities and prohibit any form of discrimination on grounds of gender, religion, race, color, nationality, disability, social class, political beliefs, age, marital status, sexual orientation or any other characteristic. Take a look at our Diversity, Equality & Inclusion Policy for more information.