SIEM Consultant Splunk Implementation & Integration Specialist

Department: IT / Software Development & Related
Applicants: 102+
Posted: 8 months ago
Experience: 5-9 years
Location: Pune, Maharashtra
Work from Office

Job Description

    About Gruve
    Gruve is an innovative software services startup dedicated to transforming enterprises into AI powerhouses. We specialize in cybersecurity, customer experience, cloud infrastructure, and advanced technologies such as Large Language Models (LLMs). Our mission is to help our customers execute their business strategies by using their data to make more intelligent decisions. As a well-funded early-stage startup, Gruve offers a dynamic environment with strong customer and partner networks.
    About The Role
    We are looking for a highly skilled SIEM Consultant with deep hands-on experience in designing, implementing, and configuring Splunk SIEM solutions. The ideal candidate will be responsible for deploying Splunk into customer environments, onboarding diverse log sources, configuring security use cases, and integrating external tools for end-to-end threat visibility. This role demands strong technical expertise, project delivery experience, and the ability to translate security monitoring requirements into Splunk configurations and dashboards.
    Key Responsibilities
    SIEM Design & Implementation
    Lead the design and deployment of Splunk architecture (single/multi-site, indexer clustering, search head clustering).
    Define data ingestion strategies and architecture best practices.
    Install, configure, and optimize Splunk components (forwarders, indexers, heavy forwarders, search heads, deployment servers).
    Set up and manage Splunk deployment servers, apps, and configuration bundles.
    Log Source Onboarding
    Identify, prioritize, and onboard critical log sources across IT, cloud, network, security, and applications.
    Develop onboarding playbooks for common and custom log sources.
    Create parsing, indexing, and field extraction logic using props.conf, transforms.conf, and custom apps.
    Ensure log data is normalized and categorized according to CIM (Common Information Model).
    Use Case Development & Configuration
    Work with SOC teams to define security monitoring requirements and detection logic.
    Configure security use cases, correlation rules, and alerting within Splunk Enterprise Security (ES) or core Splunk.
    Develop dashboards, alerts, and scheduled reports to support threat detection, compliance, and operational needs.
    Tune and optimize correlation rules to reduce false positives.
    Tool Integration
    Integrate Splunk with third-party tools and platforms such as ticketing systems (ServiceNow, JIRA), Threat Intelligence Platforms (Anomali), SOAR platforms (Splunk SOAR, Palo Alto XSOAR), and Endpoint & Network tools (CrowdStrike, Fortinet, Cisco).
    Develop and manage APIs, scripted inputs, and custom connectors for data ingestion and bidirectional communication.
    Documentation & Handover
    Maintain comprehensive documentation for architecture, configurations, onboarding steps, and operational procedures.
    Conduct knowledge transfer and operational training for security teams.
    Create runbooks, SOPs, and configuration backups for business continuity.
    Prepare high-level design (HLD) and low-level design (LLD) documents for the solution.

    Required Skills & Experience
    5+ years of experience in SIEM implementation, with at least 3 years focused on Splunk.
    Strong knowledge of Splunk architecture, deployment methods, data onboarding, and advanced search.
    Experience in building Splunk dashboards, alerts, and use case logic using SPL (Search Processing Language).
    Familiarity with Common Information Model (CIM) and data normalization.
    Experience integrating Splunk with external tools and writing automation scripts (Python, Bash, etc.).
    Preferred Certifications
    Splunk Core Certified Power User
    Splunk Certified Admin or Architect
    Splunk Enterprise Security Certified Admin
    Security certifications like CompTIA Security+, GCIA, or CISSP (optional but beneficial)
    Why Gruve
    At Gruve, we foster a culture of innovation, collaboration, and continuous learning. We are committed to building a diverse and inclusive workplace where everyone can thrive and contribute their best work. If you're passionate about technology and eager to make an impact, we'd love to hear from you.
    Gruve is an equal opportunity employer. We welcome applicants from all backgrounds and thank all who apply; however, only those selected for an interview will be contacted.

Skills

Project Delivery, Consultant, Automation Scripts (Python), Data Normalization, Common Information Model (CIM), SIEM Implementation, Splunk Architecture, Data Onboarding, Integrating Splunk With External Tools, Bash, Advanced Search, SPL

If an employer asks you to pay any kind of fee, please notify us immediately. Jobaaj does not charge any fee from the applicants and we do not allow other companies also to do so.

Important dates & deadlines

Application Deadline

23 Oct 25, 02:54 PM IST
