Roles & Responsibilities

Responsibilities:

• Manage multiple assignments, changing priorities, and work independently with little oversight
• Build, implement, and administer Splunk in Windows and Linux environments
• Work with existing and custom Splunk applications and add-ons to fulfill customer needs
• Provide overall engineering and design support for a distributed Splunk environment consisting of heavy forwarders, indexers, and search head servers, spanning security, performance, and operational roles
• Edit and maintain Splunk configuration files and apps
• Provide operational support Splunk Universal Forwarder on Linux and Windows endpoints
• Create, manage, and support automation solutions for Splunk deployment and orchestration in on-premise and cloud environments
• Proficiency onboarding data using Splunk developed add-ons for Windows, Linux, and common third-party devices and applications
• Experience onboarding data into Splunk via forwarder, scripted inputs, TCP/UDP, and modular inputs from a variety of sources
• Proficiency managing Splunk using the Splunk command-line interface
• Proficiency managing Splunk using configuration files
• Experience collaborating with separate engineering teams to configure data sources for Splunk integration
• Experience with Splunk performing systems administration, including performing installation, configuration, monitoring system performance and availability, upgrades, and troubleshooting
• General networking and security troubleshooting (firewalls, routing, NAT, etc.)
• Splunk implementation and troubleshooting experience
• Proficiency developing log ingestion and aggregation strategies per Splunk best practices
• Perform integration activities to configure, connect, and pull data with 3rd party software APIs

Requirements:

• Minimum Diploma holders
• Minimum 3 to 5 years of relevant working experience in designing, deploying Enteprise level SIEM such as Splunk
• Experience maintaining Splunk components (indexer, forwarder, search head, deployment server)
• Experience on-boarding new data sources and setting up alerts (formatting, standardization, etc.)
• Previous experience implementing Splunk Best Practices (apps, add-ons, searches, etc.)
• Ability to perform complete Splunk environment installs, filter data, and manage indexes
• Experience working with industry standard authentication and permissions models
• Broad knowledge of cyber and automation applications and tools, integration experience of such tools into a Splunk solution
• Have security as primary practice area with good knowledge in supporting technologies like Network

Tell employers what skills you have

ArcSight
Troubleshooting
Dashboard
Scripting
Administration
Information Technology
Routing
Logging
Networking
Tcpdump
Windows
Authentication
Orchestration
Linux
Electronics
Firewalls