CYBER GATE DEFENSE L.L.C. | Abu Dhabi, United Arab Emirates | Posted June 11, 2026
Position Overview
Deployment Architecture
- Deploy Splunk Enterprise in a distributed architecture
- Configure indexers, search heads and forwarders
- Implement indexer clustering and search head (SH) clustering
Log Source Onboarding
- Configure Universal Forwarders
- Configure Heavy Forwarders
- Create data inputs for syslog, API, and cloud integrations
- Set up index creation and retention policy configuration
- Perform field extraction, sourcetype validation, and parsing
Detection Use Case Engineering
- Develop SPL-based detection queries
- Create correlation searches in ES
- Implement Risk-Based Alerting (RBA)
- Fine-tune alerts to reduce false positives
- Conduct use-case gap analysis
Log Validation and Troubleshooting
- Validate the ingestion pipeline across forwarder, indexer and search head
- Troubleshoot parsing, indexing and timestamp issues
- Mon...