*Job Description: * Join our team as a Splunk Engineer/Administrator and lead the way in designing, configuring, and supporting Splunk environments. You'll develop Splunk applications, implement best practices, and drive innovation. *Qualifications: * 8+ years of overall IT experience. 3+ years experience in managing, designing, and configuring Splunk environment (both on-prem and cloud). 3+ years experience in a Linux environment, including administration, scripting, or supporting applications. Experience with Splunk Enterprise Security Premium Application and Splunk Enterprise. Experience in requirement gathering and documentation. Experience in developing and supporting Splunk Applications. Experience in automation with programming languages like Python, JAVA, .NET, and Ansible is a plus. Experience in technologies like GIT, JIRA, and Automation Testing. Familiarity with Phantom, Cloud computing, Web Interfaces, Databases, Big Data technologies (like Hadoop, Kafka, etc.). Understanding of Continuous Delivery and Continuous Integration. Splunk Admin Certification is mandatory. Excellent communication and interpersonal skills. Splunk core admin experience is mandatory. *Responsibilities: * Support, admin, maintain, and expand Splunk infrastructure to meet future architecture design and deployment requirements. Develop distributed Splunk applications, including requirement gathering, coordinating Splunk setup. Recommended Splunk implementation best practices and fixes. Design, implement, and optimize Splunk applications (to include Enterprise Security), queries, knowledge objects, and data models. Perform basic and advanced scripting tasks with Splunk to automate repeatable processes using Python. Deploy Best Practices for developing Splunk Apps and create a conceptual architecture for a continuous improvement initiative. Provide an Impact assessment for migration efforts. Support Performance Testing and User Acceptance Testing. Design and implement Custom Searches and reports. Build proof of concepts for Splunk enhancements. Tuning information model, defining reusable templates. Define reusable view templates, and retention & archival policies. Provide an Impact assessment for migration efforts and coordinate migration activities.
*Nice to Have: * Experience in Security information and event management (SIEM). Experience with RTIR. Certifications in Splunk, CISSP or similar.
Never miss an opportunity! Create an alert based on the job you applied for.
