logo

View all jobs

Splunk Architect

Roseland, NJ
 Our client is looking for a Splunk Architect to join their growing team.
  • Architect, design, support, and maintain Splunk infrastructure for a highly available and disaster recovery configurations
  • Architect and administer Splunk IT Service Intelligence (ITSI) and Enterprise Security (ES) platforms for a large-scale data ingestion
  • Administer Large scale multi-site Splunk Indexer, search head cluster environments in multiple Geographical locations
  • Architect Splunk for monitoring organization's infrastructure health, KPIs, processes and services
  • Evangelize the monitoring tools across the organization and show case the value proposition of the tools
  • Build strong customer experience for the service via regular interactions with the users, lunch& learn sessions, and other webinar sessions
  • Strong architecting expertise with the data access provisioning and access controls
  • Ability to work with the internal security risk and audit teams, identify the gaps in the security controls around the platform and implement the action plans
  • Experience working with cross functional teams
  • Experience with Splunk cloud is a plus
  • Experience with prioritizing the incoming work and able to address the customer needs in an incremental deliverable fashion
  • Develop notable framework to integrate Splunk alerts into event and Incident management systems
  • Develop self-service APIs for the customers to leverage Splunk services
  • Architect Splunk IT Service Intelligence platform to monitor services and KPIs across the organization
  • Develop Predictive analytics for various business use cases using Splunk's MLTK (Machine Learning Tool Kit) and IT Service Intelligence (ITSI)
  • Closely work with Cyber Security Operations team to develop correlation searches, normalize the data for CIM (Common Information Model) compliance
  • Develop Data Model Accelerations for efficient usage and optimal performance from Splunk
  • Experience with Splunk data retention strategies, backups, and archiving
  • Develop Report Accelerations and Summary indexing searches for optimal reports and dashboards
  • Architect various Splunk data ingestion mechanisms for large scale volumes, such as syslog, AWS, CloudWatch, Kinesis and Azure Eventhub, HEC (HTTP Event Collector)
  • Standardize Splunk agent deployment, configuration, and maintenance across a variety of Windows, Linux, and UNIX log platforms
  • Troubleshoot and fix Splunk server and Forwarder issues
  • Developing complex Splunk search queries for the reports and dashboards that have high visibility in the organization
  • Expert in automating the repetitive tasks using any automation tools - Shell or Python scripting
  • Experience with the automation and version control tools such as Ansible and Git
  • Develop Automated production Deployments for Splunk utilizing Git and Ansible
  • Experience with managing applications on Unix platforms
  • Train and Mentor peer admins and other groups on their use of Splunk
  • Monitor the core Splunk server and forwarder infrastructure for capacity planning and optimization
  • Solve complex Splunk Integration challenges and debug complex data ingestion, Clustering configuration issues
  • Technical writing/creation of formal documentation such as architecture diagrams, technical designs, and SOP (standard operating procedures)
  • Understanding how the other monitoring and incident management tools work. For example: Dynatrace, DataDog, ServiceNow
  • Understanding variety of data sources that ingested into Splunk and develop the appropriate predictive monitoring capabilities
  • Understanding variety of sources such as JSON, XML, CSV and ingesting them into Splunk
  • Expert at installing, configuring, and maintaining syslog-ng for a very large-scale syslog data ingestion
  • Expertise with working with Agile methodologies, New Ways of Working (NWoW) and the relevant tools such as JIRA
 
 
General Qualifications:
- Bachelor’s degree in an IT related field or minimum of 7 years of IT experience and extensive Splunk experience
- Splunk Certified Power User, Splunk Certified Admin, Certified Splunk Architect is a plus
-  Must be a self-starter and be able to manage their time against incremental deliverables
  • Strong verbal and written communication skills required
  • Experience working with cross functional team 
- Ability to exercise independent judgment and creative problem-solving techniques in a highly complex environment using leading-edge technology and integrating with diverse application systems.
 
 
 

More Openings

Software Engineer-3D Systems
Cloud Engineer
DevOps Engineer
Solution Architect

Share This Job

Powered by