Splunk Administrator

Splunk Administrator

NO H1B

Role responsibilities:
Data engineering
Onboard data to Splunk via forwarder, scripted inputs, TCP/UDP, and modular inputs from a variety of sources.
Develop and implement strategies to normalize current and future log data, making it consistent and usable for analysis.
Assess existing Splunk data feeds and implement changes to improve overall SIEM health and align with best practices
Diagnose and resolve issues related to log ingestion and normalization.
Administration & Support
Provide operations and maintenance support for a distributed Splunk environment consisting of heavy forwarders, indexers, and search head servers
Build, implement, and administer Splunk in Linux environments
Work with existing and custom Splunk applications and add-ons to fulfil customer needs
Editing and maintaining Splunk configuration files and apps
Maintain comprehensive documentation of log onboarding and normalization processes.
Support security operational teams

Required qualifications:
Splunk
4 Years Experience with Splunk Enterprise hands-on Engineering & Administration deployment, troubleshooting, onboarding data, and maintenance in a clustered environment
Experience with Splunk data ingestion methods, including forwarders, HTTP Event Collector (HEC), and scripted inputs.
Experience implementing CIM compliance and optimizing Splunk data models
Proficiency in SPL
In-depth knowledge of various log formats (e.g., syslog, JSON).
IT & Security principles
3 years of experience with Linux OS, services, daemons, and VMs
Solid understanding of IT infrastructure, including networking, operating systems, and security principles.
Solid understanding of security operations and common log source requirements for security appliances and endpoints
Ability to follow Change & Configuration Management, utilizing automation tools, such as Git.
Additional competencies
Splunk Enterprise Certified Admin or other relevant credentials
Industry Certifications such as GDAT or GMON
Experience with other cyber security tools and technologies
Proficiency in scripting languages such as Python, Bash

Skills

Specific Skills

Skill

Requested

Response type

Experience with Splunk Enterprise hands-on Engineering & Administration deployment, troubleshooting, onboarding data, and maintenance in a clustered environment

Senior (6-9)

Experience levels

Proficiency in SPL

Senior (6-9)

Experience levels

• Experience implementing CIM compliance and optimizing Splunk data models

Senior (6-9)

Experience levels

• Experience with Splunk data ingestion methods, including forwarders, HTTP Event Collector (HEC), and scripted inputs

Senior (6-9)

Experience levels

• In-depth knowledge of various log formats (e.g., syslog, JSON).

Senior (6-9)

Experience levels

Sector skills

Skill

Requested

Response type

4 years of experience with Linux OS, services, daemons, and VMs

Professional (4-5)

Experience levels

Ability to follow Change & Configuration Management, utilizing automation tools, such as Git.

Professional (4-5)

Experience levels

Solid understanding of IT infrastructure, including networking, operating systems, and security principles.

Professional (4-5)

Experience levels

Solid understanding of security operations and common log source requirements for security appliances and endpoints

Professional (4-5)

Experience levels

Domain skills

Skill

Requested

Response type

Experience with other cyber security tools and technologies

Yes

Yes / No

Industry Certifications such as GDAT or GMON

Yes

Yes / No

Proficiency in scripting languages such as Python, Bash

Yes

Yes / No

Splunk Enterprise Certified Admin or other relevant credentials

Yes

Yes / No