Splunk Administrator - Core Technology Infrastructure

Job Description:
This position is for an experienced Splunk professional with subject matter expertise in logging, monitoring and Security Incident and Event Management. This position will be responsible for assisting in the delivery of a world class security logging and monitoring platform through expansion and enhancement of existing services and integration with next generation SIEM and User Behavioral Analysis solutions. This next generation platform will deliver optimal cybersecurity service capabilities as well as optimized performance and cost effectiveness.
Position Summary:

• Administration and engineering of Splunk in a large, distributed environment
• New log client on boarding
• Handling of tickets escalated from Tier 1-2 Operations
• Will be required to share in on call rotation

Required Skills

• 4+ years Splunk administration in a large distributed Linux Enterprise environment
• Solid Splunk SPL experience
• Scripting skills - especially with Python, a plus
• Knowledge of privilege elevation tools
• Experience working with DBMS technologies
• Experience configuring rsyslog/syslog/syslog-ng
• Ability to document installation procedures, Standard Operating Procedures (SOP), etc.
• Experience with ITSM Remedy or other ITSM tools
• Experience using Visual Code/Git

Desired Skills:

• Experience with Cribl Logstream a plus
• Familiarity with ITSI and/or Enterprise Security a plus

Shift:
1st shift (United States of America)
Hours Per Week:
40
Learn more about this role