Splunk Administrator

Overview

Remote
Depends on Experience
Contract - W2
Contract - 6 Month(s)
No Travel Required

Skills

bash
splunk
administration
SPL
linux system administration
python
powershell

Job Details

Mortgage Company

100% REMOTE

Needed ASAP

Contract to hire

Must work on W2 without sponsorship

Splunk Administrator

Seeking a skilled and proactive Splunk Administrator to join our IT operations and cybersecurity team. The ideal candidate will be responsible for deploying, maintaining, optimizing, and securing our Splunk platform across the enterprise. This role is essential in ensuring high availability of Splunk infrastructure, developing dashboards, and supporting threat detection and operational intelligence efforts.

Key Responsibilities:

  • Install, configure, and maintain Splunk Enterprise and related applications.
  • Onboard new data sources and develop field extractions, alerts, reports, and dashboards.
  • Monitor system health, performance, and capacity of Splunk architecture.
  • Support incident response by providing relevant logs and creating forensic queries.
  • Automate tasks using scripting (Bash, Python, PowerShell).
  • Ensure Splunk environment adheres to security and compliance standards.
  • Work with stakeholders (security, DevOps, data teams) to improve observability and system insights.
  • Collaborate with SOC and infrastructure teams to enhance detection capabilities.
  • Maintain Splunk documentation including SOPs, architecture diagrams, and runbooks.
  • Stay up to date with Splunk updates, best practices, and emerging technologies.

Qualifications:

Required:

  • 3-5 years of experience in Splunk administration.
  • Hands-on experience with Splunk Enterprise and Universal Forwarders.
  • Strong knowledge of Splunk query language (SPL).
  • Experience in Linux system administration.
  • Familiarity with logging standards and data onboarding best practices.
  • Excellent problem-solving and communication skills.

Preferred:

  • Splunk Certified Power User or Splunk Certified Admin.
  • Experience with Splunk Enterprise Security (ES) or ITSI modules.
  • Knowledge of syslog, SNMP, Windows Event Logs, and cloud logging.
  • Background in cybersecurity, IT operations, or compliance frameworks.

About Central Point Partners