Splunk Administrator
Job Description
The Splunk Operations, Integrations and Development Specialist is responsible for building, operating, integrating, onboarding, and developing content within Splunk. The position requires the individual to be a highly knowledgeable Splunk application support and development along with comprehensive experience interacting with customers and building relationships. The Splunk Administrator is responsible for administering the Splunk Enterprise, Unix administration, Splunk integration managment/data onboarding, Splunk user provisioning, and troubleshooting and supporting Splunk Universal Forwarders. The opportunity to join the Cyber Threat Systems team is available to the successful candidate able to engage on tasks independently, document and communicate their work efforts to a Scrum based project team and provide expert level technical support and Splunk development on an enterprise scale.
Essential Responsibilities
- Perform advanced Splunk administration.
- Advise, manage, support an enterprise class Splunk environment.
- Support system administration activities on Linux OS and Splunk Enterprise and related applications
- Participate in production support activities of Splunk.
- Participate in team 24×7 oncall rotation (1 week every 6 weeks)
- Design Splunk system to meet growth while maintaining balance between performance/stability and agility.
- Develops advanced scripts for manipulation of multiple data repositories to support analyst requirements.
- Onboard and normalize new security and privacy event data into Splunk
- Develops advanced reports, dashboards or alerts to meet the requirements of critical initiatives.
- Develops scalable security management tools and processes.
- Develops automation supporting Splunk application and data managment.
- Create customized searches and applications using programming/development skills such as java, python, shell scripting, regular expression etc.
- Automate deployment, integration and testing of enterprise system and services
- Communicate clearly to technical and business audiences
- Be well organized with a healthy sense of urgency, and able to set, communicate, and meet aggressive deadlines and milestones
- Self-motivated, learns quickly and delivers results with minimal supervision
- Quickly understand and interpret customer problem and navigate through complex organizations
- Represent the group in a friendly, courteous, and professional manner.
Minimum Qualifications
- Bachelor’s degree in Business Administration, Computer Science, Social Science, Mathematics, or related field and Minimum eight (8) years experience in IT or a related field. Additional equivalent work experiene of three years of work experience may be substitued for degree requirement, in addition to minimum years of experience (11 years total)
- Minimum 5+ years of experience with Splunk Enterprise application administration and integration management.
- Minimum 5+ yeears of professional expereience and administration of large scale Linux/Unix deployments
- Minimum 5+ years of experience with code deployment and revision control software (i.e. Git)
Additional Requirements
- Solid understanding of regular expressions and development on a Linux platform
- Knowledge of Splunk Administration
- Understanding of enterprise logging & analytics platforms
- Infrastructure management and support experience
- Experience in using scripting languages to automate tasks and manipulate data.
- Experience working in a large enterprise environment
- Experience integrating solutions in a multi-vendor environment.
Licenses and Certifications
- Splunk Enterprise Certified Architect
- Splunk Enterprise Certified Advanced Power User
Benefits
- Transportation.
- Life insurance.
- Medical insurance.
- Solidarity association.
- Growth plans.
- Additional days off.
K5
