Lead, Splunk Engineer

Job Description

Lincare is seeking an experienced Splunk Engineer that will be responsible for the architecture, installation, administration, and development of Splunk log aggregation, parsing, and alert monitoring. This employee will enhance client infrastructure, supporting application and server data, reporting, custom queries, dashboards, and security roles administration. In addition to log analytics, they will help administer a variety of other platforms within the client enterprise management suite.

Job Responsibilities:

• Understand the business process flow and design develop an "End-2-End" business transaction visibility, including large-scale processing, integration, and analysis of system logs and databases in Splunk.
• Create and manage Splunk knowledge objects to include apps, dashboards, alerts, extractions, tags, workflow actions, and aliases.
• Mandatory Experience with writing complex Regular expression to extract fields for data that is structured and unstructured.
• Develop content with regular expressions, performing data interpretation classification, and enrichment.
• Perform data mining and analysis, using various query and reporting methods
• Experience with building complex searches and utilizing lookup tables and input lookups from KV Stores.
• Experience with writing scripts to collect data that cannot use the universal forwarder.
• Experience with extracting fields, multivalue fields, tags, field aliases, etc.
• Experience with driving Splunk demo's for providing insight to other teams and business units.
• Experience with cloud (e.g. o365, Azure, AWS, etc) security monitoring and familiar with cloud threat landscape
• Experience in Data Onboarding from multiple sources.

Qualifications

• • Extensive experience implementing Splunk Dashboards, Alerts, Reports.
  • Experience supporting Network Operations.
  • Experience both on-prem and Cloud Splunk
  • Five to Six years of general work experience and two to three years of experience, configuring, deploying, and customizing Splunk.
  • Strong understanding of configuration files and relationship between GUI configuration and backend configuration file impact
  • Knowledge of advanced search and reporting commands
  • Strong understanding of SPL as well as the ability to develop automated search and apps using Python or bash/perl/shell scripting
  • Demonstrated ability to create complex dashboards, forms, and visualizations
  • Understanding of System Log Files and other structured and non-structured data.
  • Effective verbal and written communication skills that include the ability to describe highly technical concepts in non-technical terms

Education and Experience:

• Bachelor's Degree or an equivalent combination of formal education and experience
• Mandatory Certification -Splunk Certified Developer/ Splunk Certified Admin

Physical Demands:

The employee must frequently lift and/or move up to 10 pounds.