Splunk Developer with SignalFx

KMM an ISO 9001:2015, CMMI Level 2 certified company provides high-quality IT consulting services and innovative solutions by using the most effective and modern technologies. We have a core group of Subject Matter Experts with certifications and immense experience in successfully delivering mission-critical solutions. We have extensive industry experience in the financial, insurance, Health IT, media, marketing, retail, and government markets. We have a proven track record in understanding client s business challenges, determine a customer-focused solution, and provide the technical implementation and documentation to bring it to fruition.

Contact:

MUST HAVE:

Signal FX

Role: Splunk Developer (SignalFX)

Location: Iselin, NJ and Charlotte, NC and Fairfax, VA Hybrid

Long-Term Duration

Major Responsibilities/Duties:

Implement archiving solution for security events

Routinely upgrade Splunk Enterprise Security

Implement automation improvements and intuitiveness for security use case orchestration, responses (through Splunk, SOAR or other TIAA internal tool and processes)

Data normalizing /data management / log filtering

Onboarding application logs from various event sources/applications/processes

Leveraging and extending more of Splunk Enterprise Security capabilities

Desired Skills and Experience:

Deep technical knowledge of Splunk Enterprise architecture and components - Forwarders , Search Heads, Indexers, Deployers, License Master, Data Collection Nodes.

Exclusive experience in CIM, data model acceleration, SPL, knowledge objects, reports, dashboards, alerts, data/field extractions

Knowledge of installing, implementing Splunk Enterprise Security

Comprehensive knowledge of Linux and Windows Server operating systems and decent knowledge of administration in Linux

Good understanding of Software Development Life Cycle (SDLC) process and OSI model, Agile methodologies

Splunk certifications in power user, administration, Enterprise Security - a plus.

AWS practitioner certifications - a plus

Exposure to BigFix, Java programming - a plus

Familiarity with Ansible

Abilities to work professionally and communicate effectively in cross-functional team settings across multiple geographical locations

Bachelor's in computer science / information technology - a plus

Required Experience:

7+ years in Information Technology

5+ years of on-premise Splunk Enterprise (SE) 7.X , 8.X experience in administration and environment upkeep - configuring, implementing, supporting SE across Windows Server, Linux/Unix platforms.

Technical experience in a Splunk Enterprise multi-datacenter clustered environment with daily data ingestion above 10+ Terabytes

Good understanding of and experience in scripting languages - Python, Perl, Bash, Powershell

Exclusive technical knowledge and experience from a Cybersecurity standpoint in analyzing logs and in detecting anomalies from disparate sources - Public cloud , endpoints, network, storage, security event sensors, firewall, syslog, Web services, authentication systems

Knowledge and 1+ year in cloud technologies - AWS preferred.