
Splunk SME

Indeed
Full-time
Onsite
No experience limit
No degree limit
Pje. Centenario 119, C1405 Cdad. Autónoma de Buenos Aires, Argentina

Description

Summary: Seeking a Splunk Subject Matter Expert with strong experience in Operational Technology (OT) environments to design and implement end-to-end Splunk solutions for security monitoring, observability, and compliance.

Highlights:

1. Act as the SME for Splunk within OT environments.
2. Design scalable, resilient, and secure Splunk architectures.
3. Enable security visibility for OT environments.

GBS

Chevron Global Business Services (GBS), located in Buenos Aires (Puerto Madero), Argentina, is accepting applications for the position of Splunk Subject Matter Expert. Successful candidates will join the IT Organization, which is part of a multifunction service and technical center with a workforce of more than 1800 employees that deliver business services and solutions to the corporation across the globe.

We are seeking a Splunk Subject Matter Expert (SME) with strong experience in Operational Technology (OT) environments to join our team. This role is responsible for designing and implementing end‑to‑end Splunk solutions to support security monitoring, observability, and compliance across OT environments.

The ideal candidate will have deep technical expertise in Splunk architecture and integrations, combined with a solid understanding of OT systems and industrial environments. Knowledge of IAM, on‑premises infrastructure, and secure remote access is considered a strong plus.

**Key Responsibilities**

**Splunk Architecture & Solution Design**

* Act as the **SME for Splunk** within OT environments.
* Design **scalable, resilient, and secure Splunk architectures** (standalone, distributed, indexer clusters, heavy forwarders).
* Define data ingestion strategies aligned with OT constraints (segmentation, isolation, bandwidth limitations).
* Ensure alignment with enterprise logging, security, and compliance requirements.

**Splunk Implementation & Operations**

* Implement **end‑to‑end Splunk solutions**, from data onboarding to dashboards, alerts, and reports.
* Configure and manage:
  * Indexers, heavy forwarders, and universal forwarders
  * Data models, CIM alignment, and knowledge objects
* Optimize performance, availability, and license usage.
* Support upgrades, patching, and lifecycle management of Splunk components.

**Integrations & App Development**

* Design and develop **custom Splunk apps and integrations** for OT and security platforms (e.g., antivirus, asset inventory management solutions, industrial systems).
* Build and maintain:
  * Custom inputs and modular inputs
  * Field extractions, transforms, and parsers
  * Dashboards, alerts, and correlation searches

**OT Security & Monitoring Use Cases**

* Enable security visibility for OT environments, including:
  * Authentication and access events
  * Privileged access and credential usage
  * Asset and system activity monitoring
* Support incident detection, investigation, and audit requirements for OT.
* Collaborate with cybersecurity and OT teams to define logging and monitoring standards.

**Collaboration & Advisory Role**

* Act as a **technical advisor** to internal stakeholders on Splunk and OT logging strategy.
* Work closely with security, infrastructure, and platform teams.
* Contribute to standards, documentation, and best practices for Splunk in OT environments.
* Support knowledge sharing and technical guidance within the team.

**Required Qualifications**

* Strong hands‑on experience with **Splunk** in complex environments.
* Proven expertise in:
  * Splunk architecture design
  * Data onboarding and normalization
  * Dashboarding, alerting, and reporting
* Experience working with **OT environments** and understanding their constraints.
* Solid understanding of **security logging and monitoring concepts**.
* Experience implementing complete Splunk solutions, not just operating existing ones.

**Desired / Nice‑to‑Have Skills**

* Knowledge or experience in **Identity and Access Management (IAM)**.
* Experience with **on‑premises infrastructure** (Windows, networking).
* Knowledge of **Secure Remote Access** solutions and architectures.
* Experience integrating Splunk with different solutions.
* Scripting or automation skills (Ansible, PowerShell).
* Splunk certifications (Architect, Admin, Power User) are a plus.

**Relocation Options:** Relocation **may be** considered.

**International Considerations:** Expatriate assignments **will not be** considered.

Chevron participates in E-Verify in certain locations as required by law.

Source: Indeed
Sofía González
Indeed · HR

© 2025 Servanan International Pte. Ltd.