Splunk Administrator

Title : Splunk Administrator

Location: Atlanta, GA

• Roles and Responsibilities

  • Splunk Platform administration including Installations , upgrades , security, vulnerability remediation and maintenance activities.

  • Monitor the health of the Splunk Logging Platform performance and capacity to ensure that it can handle the workload of the entire organization.

  • Configure security for the organization.
    
    

  • Operational activities to support logging data onboarding, normalization, troubleshooting.

  • Maintaining documentation of all configurations and changes to the system.

  • Splunk data Ingestion with large-scale business-critical enterprise applications and systems.

  • Create alerts for unusual activity such as security breaches or system failures.

  • Integrate Splunk with other tools including Okta, AD , Cribl etc.

  • Performing troubleshooting when issues occur with the system to identify the cause.

  • Deployment Server Administration via CLI.

  • UF/HF installation and Troubleshooting for Linux/Windows environments.

  • Use best practices to deploy configurations to Splunk components and UF/HF agents.

  • Automate processes as much as possible using Devops practices.

  • Work closely with the support in addressing any major upgrades and critical tickets related to security.

  • Engage application and infrastructure teams to establish best practices for utilizing Splunk data and visualizations.

  • Identify gaps and provide hands-on development and enablement assistance to application teams technical users.

  • Develop more robust cost metrics and benchmarking capabilities to assist in efforts supporting IT cost management.

• Experience:

  • 6+ years of experience with Splunk engineering, administration, deployment, and maintenance for a large-scale network environment.

  • Strong expertise in understanding architecture and ability to create, modify, and troubleshoot data queries through various data sources.

  • Strong understanding of Splunk configuration files and architecture.

  • Strong knowledge of application monitoring and event management.

  • Strong Knowledge of enterprise logging, including application, OS, and security technology logging.

  • Splunk Knowledge Object troubleshooting/provisioning.

  • Advanced Splunk Programming Language (SPL) experience to work with multiple large data sets on complex solutions

  • Experience w/ interacting with customers' configuration and optimization in Splunk.

  • Experience with using scripting languages to automate tasks and manipulate data.

  • Experience with DevOps tools like Jenkins, Artifactory, Ansible, and APM tools.

  • Strong Knowledge of a scripting language (Python & Shell).

  • Strong knowledge of AWS cloud services and deployments .

  • Knowledge on Network and Linux enterprise environments.

  • Cribl tool experience.

  • Splunk Certified Administrator.