Job Title: Splunk Administrator
- Support, and maintain Splunk infrastructure for a highly available and disaster recovery configurations.
- Administering Splunk, Splunk App for Enterprise Security (ES) and Splunk ITSI
- Standardize Splunk forwarder deployment, configuration and maintenance across a variety of Windows and UNIX platforms.
- Troubleshoot Splunk server and Splunk forwarder issues
- Managing Large Indexer and Search Head Clusters
- Monitor the Splunk forwarder and server infrastructure for capacity planning and optimization
- Expertise with Splunk Data on-boarding/ ingestion process
- Assist internal users of Splunk in designing and maintaining production-quality dashboards.
- Perform data mining and analysis, utilizing various queries and reporting methods
- Solve complex Integration challenges and debug complex configuration issues
- Technical writing/creation of formal documentation such as architecture diagrams, technical designs
- Strong understanding of Splunk configuration files and architecture
- Understanding of System Log Files and other structured and non-structured data
- Intermediate level understanding of Linux and Windows operating systems
- Expertise with Scripting tools such as Python, Perl, Shell
XXX Linux…. Must be very familiar with a large Linux Environment.
Qualifications - External
- Bachelor’s degree in an IT related field or minimum of 4 years of relevant recent experience
- Minimum 2 years of experience using Splunk for data analytics.
- Splunk Enterprise Security experience
- Splunk ITSI Experience