What are the responsibilities and job description for the Splunk Administrator position at Resource Informatics Group?
Title: Splunk Administrator
Location: United States - Culpeper (1621 McDevitt Dr, VA 22701 Culpeper, United States) Hybrid
Role responsibilities:
- Onboard data to Splunk via forwarder, scripted inputs, TCP/UDP, and modular inputs from a variety of sources.
- Develop and implement strategies to normalize current and future log data, making it consistent and usable for analysis.
- Assess existing Splunk data feeds and implement changes to improve overall SIEM health and align with best practices.
- Diagnose and resolve issues related to log ingestion and normalization.
Administration & Support
Required qualifications:
- Experience with Splunk Enterprise hands-on Engineering & Administration: deployment, troubleshooting, onboarding data, and maintenance in a clustered environment
- Proficiency in SPL
- Experience implementing CIM compliance and optimizing Splunk data models