Overview

We are seeking a proactive and skilled Splunk Administrator at the L2 level to join our team. The ideal candidate will be an expert in managing the full data lifecycle within our Splunk environment, from onboarding to operational maintenance. This role is critical for providing actionable insights to IT, security, and business teams.

Key Responsibilities

- Splunk Onboarding & Decommissioning: Manage the end-to-end data onboarding process, including log reception and advanced parsing. You'll ensure all data from various sources (UF, syslog, HEC, cloud, custom inputs) adheres to the CIM. You will also properly decommission data sources and Splunk components.
- System Maintenance & Troubleshooting: Perform routine maintenance and troubleshoot all Splunk components (Indexers, Search Heads, Forwarders). You will serve as an escalation point for complex issues and maintain Splunk Enterprise Security (ES).
- Knowledge & Access Management: Develop and manage Splunk knowledge objects such as dashboards, reports, and data models. You will also manage user access controls to ensure data security.
- Documentation & Visualization: Create and maintain comprehensive documentation for all Splunk configurations and processes. You will also build and optimize dashboards to provide clear visualizations for stakeholders.
Required Skills & Qualifications

Required Skills:
- 2-3 years of proven experience in Splunk administration, engineering, or a related role.
- Deep knowledge of Splunk architecture, Search Processing Language (SPL), data management, and troubleshooting. A solid understanding of the Splunk Common Information Model (CIM) is essential.
- Strong experience with Linux and Windows operating systems.
- Proficiency in Regular Expressions (RegEx) for advanced data parsing and extraction.
- Experience with Git repositories and a strong grasp of networking fundamentals.
- Experience with at least one major cloud platform such as AWS, Azure, or GCP, particularly with ingesting cloud-native logs and metrics.
- A basic understanding of threat detection and incident response principles is required.
- Excellent verbal and written communication skills to collaborate effectively with both technical and non-technical teams.
- Strong critical thinking and problem-solving abilities to identify root causes and implement lasting solutions.