Splunk Administrator

The Splunk Administrator will provide Splunk administration support, including operation and maintenance of the log aggregation and Security Information and Event Management (SIEM) platform. The Splunk Admin must have Splunk admin experience preferably in an Enterprise environment, understands and has worked in production and cluster environments. The Splunk Administrator will perform systems analysis, modify and update systems and related data ingestion parameters based on results of analysis, deploy applications and tools, perform testing of deployed applications and tools, and communicate updates to the customer.

Key Responsibilities:

• Establish and maintain configuration and technical support, assist in the technical design process, and provide guidance/direction to customer on how to best get value from Splunk products.
• Troubleshoot and resolve customer tickets
• Provide performance and license tuning for systems and troubleshoot SPLUNK components across multiple network environments.
• Develop, create, deploy, and manage custom SPLUNK monitors, alerts and dashboards.
• Monitor SPLUNK for cluster status, health status, and other issues, and resolve as needed.
• Manage patching and updates of Splunk hosts and/or Splunk application software.
• Monitor and audit configurations and participate in the Change Management process to ensure that unauthorized changes do not occur.
• Perform data ingestion and visualization for Splunk.
• Build and integrate contextual data into notable events.
• Perform integration activities to connect with 3rd party software APIs.

Must have’s:

• At least five (5) years of experience with Splunk implementing and administering Splunk
• Experience writing Splunk queries in Splunk Programming Language (SPL).
• Certified Splunk Enterprise Administrator or Certified Splunk Administrator.
• Analytical ability, problem-solving skills, and ability to break down complex problems into actionable steps.
• Experience must include a wide range of work in creating diagrams and documentation with all components that comprise IT systems including network topology.
• Experience in production and cluster environments
• Experience selecting effective methods, techniques, and evaluation criteria to achieve desired outcomes.