Splunk Administrator

Role Overview:
Responsible for managing and optimizing the Splunk infrastructure to ensure reliability, performance, and security. Collaborates with IT and security teams to implement monitoring and data visibility solutions.

Key Responsibilities:

• Install, configure, and maintain Splunk (forwarders, indexers, search heads)

• Perform upgrades, patching, and system performance monitoring

• Troubleshoot and optimize Splunk environment

• Develop dashboards, reports, and alerts

• Integrate with other IT systems and provide support/training to users

• Ensure effective data ingestion and system documentation

Required Qualifications:

• Bachelor's degree or equivalent experience

• Splunk Enterprise Certified Administrator

• 5+ years Splunk Admin experience, 3+ years AWS experience

• Strong Linux/Windows troubleshooting and log management skills

• Proficiency in networking concepts

• Experience with Infrastructure as Code (Terraform, Ansible)

• Excellent communication and problem-solving skills

Preferred Qualifications:

• Red Hat certifications (RHCSA/RHCSE)

• Splunk ES, AWS certifications (Solutions Architect/SysOps)

• CISSP, FedRAMP or DoD experience

• Scripting (Python, PowerShell, Bash)

• Familiarity with NIST compliance (800-171, 800-53)