Senior Associate_Splunk Admin

Job Description

Not Applicable Specialism Microsoft Management Level Senior Associate & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. Those in security architecture at PwC will focus on designing and implementing robust security frameworks to protect organisations from cyber threats. You will develop strategies and solutions to safeguard sensitive data and enable the integrity of systems and networks. \ Responsibilities 1. Splunk Environment Management o Install, configure, and maintain Splunk software across distributed and clustered environments. o Monitor & Keep the Splunk Enterprise instances in good health to serve our customers with highest platform availability. 2. Data Collection and Integration o Collaborate with teams to identify and integrate necessary data sources. o Manage data inputs, parsing, indexing, and storage while monitoring performance, security, and availability. o Configure and maintain forwarders and data ingestion pipelines, including custom log source integration. o Integrate Splunk with various legacy data sources using diverse protocols. 3. Search Alerts/Reporting/Dashboard o Develop and optimize search queries, dashboards, and reports for meaningful data insights. o Create alerts and scheduled reports for critical events and stakeholder notifications. o Create visualizations and custom queries to enhance dashboards and data views. 4. User Access and Role Management o Manage user accounts, roles, and access controls o Ensure compliance with security policies. 5. Troubleshooting and Support o Provide technical support and resolve issues related to log outage, data ingestion, system performance, and Splunk modules. o Collaborate with security teams on vulnerabilities and incident response activities. 6. Performance Tuning and Optimization o Conduct performance tuning and apply best practices for efficient indexing and searching. o Filtering unwanted data and ensuring data hygiene 7. Documentation and Training o Maintain detailed documentation of configurations, policies, and procedures. o Provide training and support to Splunk users and stakeholders. 8. System Upgrades and Patching o Plan and execute software updates, upgrades, and patching, assessing their impact on systems. 9. Incident Management and Response o Participate in incident response to identify and mitigate issues, collaborating with IT and security teams. 10. Innovation and Improvement o Research and implement new Splunk features and tools for enhanced data analysis. o Continuously seek process improvements and provide consulting services to customize Splunk for client needs. Mandatory skill sets Must have Splunk Enterprise Admin Certification. Good to have Splunk Enterprise Architect Certification. Proven experience as a Splunk Administrator or similar role. Strong understanding of Splunk architecture, data collection, and log management. Strong understanding of Networking / Routing fundamentals, traffic and operating systems (Windows & Unix/Linux), TCP/IP, DNS, Firewalls, Security Proxies. Good knowledge in Linux/UNIX Scripting, RegEx. Excellent troubleshooting and problemsolving skills. Ability to work independently and collaboratively in a team environment. Strong interpersonal and communication skills Ready to work across different shifts and flexible on working days Preferred skill sets Splunk Enterprise Certified Administrator Splunk Core Certified Power User Education qualification B.Tecgh/B.E. Education Degrees/Field of Study required Bachelor of Technology, Bachelor of Engineering Degrees/Field of Study preferred Required Skills Splunk Administration Accepting Feedback, Accepting Feedback, Active Listening, Amazon Web Services (AWS), Analytical Thinking, Azure Data Factory, Communication, Compliance, Safety, Accountability (CSA), Computer Network Defense, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Requirements, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Forensic Investigation, Incident Response Tool, Inclusion, Intellectual Curiosity, Java (Programming Language), Learning Agility, Optimism, Security Architecture {+ 14 more} Travel Requirements Government Clearance Required?