Job description

The Senior Splunk Engineer at Tamkeen Technologies in Riyadh is a critical role responsible for enhancing the organization's IT security and operational monitoring capabilities through advanced Splunk solutions. This position involves designing, developing, and maintaining scalable Splunk infrastructure across multi-tenant MSSP environments, including administration of indexers, search heads, forwarders, and heavy forwarders. The engineer will implement best practices in data onboarding, including parsing, indexing, field extractions, and props/transforms, while optimizing SPL queries, dashboards, alerts, and reports to deliver actionable insights. Collaborating with SOC analysts, threat hunters, and client security teams, the role ensures comprehensive visibility and detection across IT environments. Responsibilities also include maintaining compliance with internal security policies and regulatory frameworks, implementing data retention policies, role-based access control, and delivering high availability and performance across the Splunk platform. The engineer will provide technical expertise and guidance to internal teams and MSSP clients, documenting architecture, configurations, processes, and operational runbooks, supporting client onboarding, use case development, and integrations with threat intelligence, SOAR, and third-party tools. This role requires proactive problem-solving, root cause analysis for performance and ingestion issues, and the ability to lead complex Splunk deployments in high-demand cybersecurity environments.