Splunk Admin

Role: Splunk Admin

Location Remote (The candidate has to go to nearest Client office for interview.)

• Splunk implementation and support team. Responsible for the development, communication, implementation and support of a multi tera bytes per day Splunk Cloud Setup.
• New Data point integration and ingestion using API/HEC and third-party data streaming tools.
• Design & administer a Splunk AWS Cloud cluster that can handle terabytes per day ingestion volume
  Provide day-to-day support maintaining multiple large Splunk implementations with over 400 TBs of daily log ingestion
  Install and maintain Splunk Universal forwarder on Application/Web/DB servers
  Perform version upgrades and patch installation on Splunk infrastructure
  Monitor, research, and remediate flagged vulnerabilities of Splunk infrastructure, software, and technical apps and add-ons
  Thoroughly document procedures to support Splunk Infrastructure
  Write scripts to automate Splunk Administration activities
  Provide explanation and information to others on difficult issues
  Participate in on-call for responding to any Splunk related issues and resolve / escalate on time
  Work with Splunk Support to resolve any issues on time
  Define, measure & report key performance indicators reflecting the platform health of Splunk environments
  Develop monitoring for Splunk infrastructure ensure Splunk infrastructure is up and running and performing with maximum efficiency 24X7.
  Identify & quantify the scope and impact of business changes on systems
  Maintain awareness of current technology assets, and the applicability and capability of each
• Implement best practices including user authentication, access controls and data encryption.
• Design, implement and optimize ITSI solutions to meet business needs.
• Develop and maintain ITSI notable event aggregation policies, service templates. Configure entities, services and KPIs to provide meaning full insights into IT operations.
• Implement advanced analytics techniques, such as anomaly detection and predictive analytics, within ITSI to identify and mitigate service issues proactively.
• Develop custom scripts and automation workflows to streamline Splunk administration tasks.
• Monitor Splunk infrastructure performance and health, proactively identifying and resolving issues.
• Troubleshoot Splunk and ITSI configuration, performance, and data ingestion problems.
• Provide recommendations for improving performance, reliability.
• Integrate Splunk with various data sources, analysing the data for parsing to make it CIM compliant.
• Think creatively to discover and support automation opportunities.