Security Automation Engineer- Splunk

As a Security Automation Leader, you will play a critical role in enhancing our cybersecurity posture through automation, data analytics, and intelligent tooling. Your responsibilities will include:Design, implement, and maintain distributed and clustered Splunk environments, ensuring seamless integration with infrastructure tools, security devices, and application platforms.Partner with cross-functional teams to drive automation efforts using Splunk, Python, dashboard, and AI-powered tools such as Copilot, aligning with security and operational goals.Oversee the health and performance of Splunk search heads, indexers, and forwarders, ensuring high availability and scalability for activities impacting the security engineering teamOptimize Data Ingestion Pipelines: Configure and manage data inputs, indexes, and source types to ensure accurate and efficient data collection from diverse sources.Develop Splunk Use Cases and Content: Create and maintain dashboards, reports, alerts, and other Splunk artifacts to support evolving security monitoring and operational needs.Administer Splunk Access Controls: Manage user roles, authentication mechanisms, and access permissions to maintain a secure and compliant Splunk environment.Enhance Search Performance: Continuously fine-tune existing SPL queries and dashboards for optimal performance and reduced latency.Deploy and Upgrade Splunk Applications: Install and update custom and Splunk base applications, ensuring compatibility and alignment with business requirements.Troubleshoot and Resolve Issues: Investigate and resolve technical issues using Splunk logs, Linux command-line tools, and Python scripting. Escalate and document bugs or vendor-related issues as needed.Drive Root Cause Analysis and Documentation: Reproduce issues, perform root cause analysis, and document findings to support continuous improvement and knowledge sharing.Education:Bachelor’s degree in computer science or related field.Certifications (preferred but not explicitly listed):Splunk Certified Power User / Admin / ArchitectCoding development using Python and similarEssential:You must be well versed with Splunk SPL, Linux commands and python scriptingDesign, deployment, and maintenance of distributed/clustered Splunk environmentsManagement of search heads, indexers, forwardersData ingestion: configuring inputs, indexes, source typesContent creation: dashboards, reports, alertsAccess control: user roles, authenticationApplication management: installing/upgrading custom and Splunk base appsScripting & TroubleshootingLinux command-line skillsPython scripting for automation and troubleshootingLog analysis and issue reproductionBug reporting and vendor escalationYou must be the experienced developer, with good experience in system integration/interfacing.Depending on the project, your duties may include coding, scripting, building new systems (where necessary) and interfaces. For new system build-up, you may need to environment support during SIT/UAT.You are expected to ensure your work are adequately documented and transferred to the production team post-cutover.You will be expected to work with the senior developers and system architect in formulating technical solutions that is fit for purpose for your assigned projects. The solution will need to satisfy all security, regulatory and architectural standards.Integration with infrastructure and security devicesSecurity design architecture and process.Splunk as a core SPL (Search Processing Language) and reportingPython Scripting for automation and troubleshooting.RiDiK is a global technology solutions provider and a subsidiary of CLPS Incorporation(NASDAQ: CLPS), delivering cutting-edge end-to-end services across banking, wealthmanagement, and e-commerce. With deep expertise in AI, cloud, big data, andblockchain, we support clients across Asia, North America, and the Middle East indriving digital transformation and achieving sustainable growth. Operating fromregional hubs in 10 countries and backed by a global delivery network, we combinelocal insight with technical excellence to deliver real, measurable impact. Join RiDiKand be part of an innovative, fast-growing team shaping the future of technologyacross industries