Role: Splunk Engineer/Administrator

Location: TX (Hybrid)
Duration: 12+ Month Contract

Introduction: As a Splunk Engineer/Administrator, you will be responsible for managing, designing, and configuring Splunk environments in both on-premises and cloud settings. You will play a crucial role in supporting, maintaining, and expanding the Splunk infrastructure to meet future architecture design and deployment requirements.

Responsibilities:

• Support, admin, maintain, and expand Splunk infrastructure to meet future architecture design and deployment requirements.
• Develop distributed Splunk applications, including requirement gathering and coordinating Splunk setup.
• Recommend Splunk implementation best practices and fixes.
• Design, implement, and optimize Splunk applications, queries, knowledge objects, and data models.
• Perform basic and advanced scripting tasks with Splunk to automate repeatable processes using Python.
• Deploy Best Practices for developing Splunk Apps and create a conceptual architecture for a continuous improvement initiative.
• Provide an Impact assessment for migration efforts.
• Support Performance Testing and User Acceptance Testing.
• Design and implement Custom Searches and reports.
• Build proof of concepts for Splunk enhancements.
• Tuning information model, defining reusable templates.
• Define reusable view templates, and retention & archival policies.
• Provide an Impact assessment for migration efforts and coordinate migration activities.

Requirements:

• 8+ years of overall IT experience.
• 3+ years’ experience in managing, designing, and configuring Splunk environments (both on-prem and cloud).
• 3+ years’ experience in a Linux environment, including administration, scripting, or supporting applications.
• Experience with Splunk Enterprise Security Premium Application and Splunk Enterprise.
• Experience in requirement gathering and documentation.
• Experience in developing and supporting Splunk Applications.
• Experience in automation with programming languages like Python, JAVA, .NET, and Ansible is a plus.
• Experience in technologies like GIT, JIRA, and Automation Testing.
• Familiarity with Phantom, Cloud computing, Web Interfaces, Databases, Big Data technologies (like Hadoop, Kafka, etc.).
• Understanding of Continuous Delivery and Continuous Integration.
• Splunk Admin Certification is mandatory.
• Excellent communication and interpersonal skills.
• Splunk core admin experience is mandatory.

Nice to Have:

• Experience in Security information and event management (SIEM).
• Experience with RTIR.
• Certifications in Splunk, CISSP or similar.