Manage multiple assignments, changing priorities, and work independently with little oversight
Build, implement, and administer Splunk in Windows and Linux environments
Work with existing and custom Splunk applications and add-ons to fulfill customer needs
Provide overall engineering and design support for a distributed Splunk environment consisting of heavy forwarders, indexers, and search head servers, spanning security, performance, and operational roles
Edit and maintain Splunk configuration files and apps
Provide operational support Splunk Universal Forwarder on Linux and Windows endpoints
Create, manage, and support automation solutions for Splunk deployment and orchestration in on-premise and cloud environments
Proficiency onboarding data using Splunk developed add-ons for Windows, Linux, and common third-party devices and applications
Experience onboarding data into Splunk via forwarder, scripted inputs, TCP/UDP, and modular inputs from a variety of sources
Proficiency managing Splunk using the Splunk command-line interface
Proficiency managing Splunk using configuration files
Experience collaborating with separate engineering teams to configure data sources for Splunk integration
Experience with Splunk performing systems administration, including performing installation, configuration, monitoring system performance and availability, upgrades, and troubleshooting
General networking and security troubleshooting (firewalls, routing, NAT, etc.)
Splunk implementation and troubleshooting experience
Proficiency developing log ingestion and aggregation strategies per Splunk best practices
Perform integration activities to configure, connect, and pull data with 3rd party software APIs
Requirements
Degree in Computer Science, Computer or Electronics Engineering or Information Technology or an equivalent
Minimum 3 to 5 years of relevant working experience in designing, deploying Enteprise level SIEM such as Splunk