Job
Description
Splunk Administration & Development: Deploy, configure, and manage Splunk Enterprise , Splunk Cloud , and various Splunk Apps/Add-ons . Design, develop, and optimize Splunk dashboards , reports , and s using Search Processing Language (SPL) . Integrate Splunk with multiple data sources (e. g. , Linux logs, network devices, applications). Manage indexing , forwarders , clustering , and data ingestion across environments. Implement and maintain Splunk Security Information and Event Management (SIEM) solutions for threat detection and incident analysis . Linux System Administration: Maintain, troubleshoot, and optimize Linux environments (RHEL, Ubuntu, CentOS, etc. ). Manage system security , including user access , permissions , and patching . Automate administrative tasks using Bash , Python , or Ansible . Monitor server performance , resource utilization , and log management to ensure system stability. Security & Compliance: Implement log management and security monitoring best practices to enhance system security. Ensure compliance with IT security policies , audits , and regulatory standards . Perform incident response and root cause analysis using Splunk logs for problem resolution. Required Skills & Competencies: Splunk Expertise: Splunk Enterprise, Splunk Cloud, SPL (Search Processing Language) Linux Administration: Strong knowledge of RHEL, Ubuntu, and CentOS systems Scripting & Automation: Proficiency in Bash , Python , or Ansible Security & Compliance: Experience in SIEM , log management, and regulatory compliance Troubleshooting: Ability to diagnose and resolve system and application issues efficiently Preferred Qualifications: Certifications: Splunk Enterprise Certified Admin/Architect, Linux (RHCSA/RHCE) Experience: Managing large-scale Splunk deployments and securing Linux environments Cloud Knowledge: Experience integrating Splunk with cloud platforms (AWS, Azure, GCP)
