Salary Not Disclosed
1 Vacancy
We are seeking a skilled Splunk Administrator/Developer to join our IT Operations or Security team. This role is responsible for administering, developing, and optimizing our Splunk environment to ensure effective log ingestion, analysis, visualization, and alerting for IT operations, security monitoring, and business intelligence.
Install, configure, upgrade, and maintain Splunk Enterprise and Splunk apps across multiple environments.
Manage Splunk indexer, search head, deployment server, and forwarder infrastructure.
Monitor Splunk performance and ensure system availability and reliability.
Configure and maintain data inputs, parsing rules, and ingestion pipelines.
Implement Splunk best practices in indexing, storage management, and data lifecycle.
Develop and maintain dashboards, reports, alerts, and custom visualizations.
Create and optimize Splunk searches using SPL (Search Processing Language).
Build automation scripts and use REST APIs for integration and orchestration.
Develop custom TA (Technology Add-ons) or modify existing ones to ensure proper data ingestion.
Collaborate with various teams (Security, DevOps, Application) to understand logging and monitoring needs.
Support the use of Splunk as a SIEM tool (if integrated).
Help in log source onboarding from security tools and infrastructure.
Assist in developing correlation searches, threat intelligence feeds, and incident detection content.
Bachelor's degree in Computer Science, Information Systems, or related field.
3-7 years of experience with Splunk administration and development.
Proficiency in SPL and creating interactive dashboards and reports.
Experience with Linux/Unix scripting (Python, Shell) and regular expressions.
Familiarity with networking protocols and log sources (e.g. Syslog, SNMP, Windows Event Logs).
Knowledge of data onboarding techniques including and .
Understanding of Splunk clustering, indexing strategies, and deployment server.
Splunk certifications (e.g. Splunk Core Certified Power User, Admin, Architect).
Experience integrating Splunk with cloud platforms (AWS, Azure, GCP).
Exposure to ITSI, Phantom/SOAR, or Splunk Enterprise Security.
Experience with CI/CD and Infrastructure as Code (IaC) tools.
Strong problem-solving and troubleshooting skills.
Excellent verbal and written communication.
Ability to work independently and in a team-oriented environment.
Full Time