Splunk Administrator

Roseland, NJ
Our Client is seeking a Splunk Administrator to join their growing team. This is a direct perm opportunity.
Technical Qualifications:
  • Architect, design, support, and maintain Splunk infrastructure for highly available and disaster recovery configurations
  • Architect and administer Splunk IT Service Intelligence (ITSI) and Enterprise Security (ES) platforms for large-scale data ingestion
  • Administer large-scale multi-site Splunk indexer and search head cluster environments in multiple geographical locations
  • Architect Splunk for monitoring the organization's infrastructure health, KPIs, processes and services
  • Develop a notable framework to integrate Splunk alerts into event and incident management systems
  • Develop self-service APIs for customers to leverage Splunk services
  • Architect Splunk IT Service Intelligence platform to monitor services and KPIs across the organization
  • Develop predictive analytics for various business use cases using Splunk's MLTK (Machine Learning Toolkit) and IT Service Intelligence (ITSI)
  • Work closely with the Cyber Security Operations team to develop correlation searches and normalize data for CIM (Common Information Model) compliance
  • Experience with Splunk Cloud SaaS is a plus
  • Develop Data Model Accelerations for efficient usage and optimal performance from Splunk
  • Experience with Splunk data retention strategies, backups and archiving
  • Develop Report Accelerations and Summary indexing searches for optimal reports and dashboards
  • Architect various Splunk data ingestion mechanisms for large-scale volumes, such as syslog, AWS, CloudWatch, Kinesis, Azure Event Hubs and HEC (HTTP Event Collector)
  • Standardize Splunk agent deployment, configuration and maintenance across a variety of Windows, Linux and UNIX log platforms
  • Troubleshoot and fix Splunk server and forwarder issues
  • Develop complex Splunk search queries for the reports and dashboards that have high visibility in the organization
  • Expert in automating repetitive tasks using automation tools such as shell or Python scripting
  • Experience with the automation and version control tools such as Ansible and Git
  • Develop Automated production Deployments for Splunk utilizing Git, Ansible and Jenkins
  • Experience with managing applications on Unix platforms
  • Train and Mentor peer admins and other groups on their use of Splunk
  • Monitor the core Splunk server and forwarder infrastructure for capacity planning and optimization
  • Solve complex Splunk integration challenges and debug complex data ingestion and clustering configuration issues
  • Technical writing/creation of formal documentation such as architecture diagrams, technical designs, and SOPs
  • Understand the variety of data sources ingested into Splunk and develop the appropriate predictive monitoring capabilities
  • Understand a variety of sources such as JSON, XML and CSV, and ingest them into Splunk
  • Expert at installing, configuring and maintaining syslog-ng for very large-scale syslog data ingestion
  • Familiarity with at least one other infrastructure or application monitoring technology such as Datadog, Dynatrace or New Relic
  • Expertise in working with Agile methodologies and the relevant tools such as JIRA
General Qualifications:
  • Bachelor’s degree in an IT related field or minimum of 5 years of IT experience and extensive Splunk experience
  • Splunk Certified Power User, Splunk Certified Admin, Certified Splunk Architect is a plus
  • Must be a self-starter and be able to manage their time against deliverables
  • Strong verbal and written communication skills required
  • Experience working with cross functional teams
  • Ability to exercise independent judgment and creative problem-solving techniques in a highly complex environment using leading-edge technology and integrating with diverse application systems.
