Cyber Security

Full-time | Partially remote | Closing date: 10.04.2026.

Splunk SIEM Engineer (f/m/d) @ A1 Competence Delivery Center

Strength. Care. Growth

A1 Competence Delivery Center is a vital component of A1’s telecommunications business. Acting as an expertise hub, CDC is dedicated to delivering a full range of high-quality IT, network, financial and other services to support A1’s operations across all OpCos, independent of location.

Using the power of being OneGroup and leveraging synergies, CDC enables transparency of resources, expansion of key skills and knowledge, and enhanced personal career growth opportunities, paired with job stability.

You will know we are the right place for you if you are driven by:

  • Opportunities to learn and build your career.
  • Meaningful work in a stable and fast-paced company.
  • Diversity of people, projects, and platforms.
  • A supportive, fun, and inspiring place to work.

Role Overview:

Responsible for administering and engineering the Splunk Enterprise/SIEM platform by ensuring high availability, optimizing log ingestion, and leading upgrades, scaling, and data integration initiatives. The role also focuses on automation, data quality, and close collaboration with security teams to support detection capabilities and platform reliability.

Role insights:

  • Maintain and enhance the Splunk Enterprise platform, including core components such as Search Heads, Indexers, Cluster Masters, and Deployment Servers to ensure high availability and reliability.
  • Manage and optimize forwarder infrastructure (Heavy and Universal Forwarders) to support stable and efficient log ingestion across environments.
  • Lead platform upgrades, scaling initiatives, and architectural improvements to support business growth and evolving security needs.
  • Drive data onboarding and integration from cloud, on-premises, and hybrid sources while ensuring structured, high-quality, and CIM-compliant data.
  • Develop automation scripts and engineering improvements (e.g., Python, Bash, Ansible) to streamline deployments, maintenance, and data onboarding workflows.
  • Collaborate with SOC analysts, threat hunters, and detection engineers to ensure data readiness, troubleshoot platform issues, and contribute to internal engineering standards and best practices.

What makes you unique:

  • Bachelor’s or Master’s degree in Information Security, Computer Science, or related field.
  • 3–5+ years of hands‑on experience administering and engineering Splunk Enterprise/SIEM platforms.
  • Strong hands-on experience with Splunk Enterprise as a platform engineer/admin.
  • Expertise in: Deployment servers, Heavy forwarders, Parsing and filtering, TA/APP development, Data onboarding at scale.
  • Solid understanding of: Linux, Networking fundamentals, Logging architectures.
  • Scripting skills (Python preferred).
  • Experience in cybersecurity/SIEM environments.
  • Familiarity with cloud environments (especially Azure/M365) is a plus.
  • Splunk certifications (Admin, Architect, Core, ES Analyst) are a strong advantage.

Our gratitude for the job done will be eternal, but we’ll also offer you:

  • Innovative technologies and platforms to work with.
  • Modern working environment for your comfort.
  • Friendly, ambitious, and motivated teammates to support each other.
  • Thousands of online and in-person learning opportunities for you to grow.
  • Challenging assignments and career development opportunities in a multinational environment.
  • Attractive compensation package.
  • Hybrid working model.
  • Numerous additional benefits, including, but not limited to, free A1 services.

If you have any questions, please do not hesitate to contact Nadya Georgieva.