Splunk

SPLUNK

Location:

Min Exp :

NP :

Key Role Responsibilities:

• Design and implement monitoring solutions for new and existing systems; utilising Cribl, Splunk, Opensearch and other tools aligned to standard patterns.

• Contribute to the creation of new monitoring patterns, roadmaps where required.

• Data onboarding: Requirements gathering, design, implementation, and testing, to onboard new data sources to Cribl, Opensearch and Splunk – via Universal Forwarders, HTTP Event Collector, APIs, syslog etc.

• Map data to Splunk CIM, to meet stakeholder and data governance requirements.

• Performance optimisation – Optimise existing and new search queries and dashboards to improve performance. Optimise platform design and configuration to enhance performance, architecture.

Skills and Experience:

• Strong knowledge of Splunk architecture, administration, and custom development (Splunk certified admin / architect / developer or equivalent experience) across Splunk Enterprise, Splunk Enterprise Security.

• Experience administering and/or developing for an enterprise level implementation of Splunk (clustered architecture).

• Proficient in Splunk query language (SPL) and experienced in developing and supporting custom Splunk search head applications for specific use cases.

• Strong knowledge of Cribl architecture, administration, and custom development (Cribl certified admin / developer or equivalent experience)

• Experience administering and/or developing for an enterprise level implementation of Cribl (clustered architecture).

• Strong knowledge of Opensearch architecture, administration, and custom development (Opensearch certified admin / developer or equivalent experience)

• Experience administering and/or developing for an enterprise level implementation of Opensearch (clustered architecture).

• Strong technical knowledge of red hat Linux, firewalls and load balancing principles

• Extensive knowledge and experience of Agile and DevOps.

• AWS – architect and sysops certified or equivalent. Azure and/or GCP experience is also preferred.

• Ansible, CD tools, particularly Jenkins.

• Scripting - Linux Shell & Python.

• Linux OS (preferable Redhat proficiency).

• Experienced user of Git / GitHub, Selenium, Docker, Kubernetes, Splunk UBA, Splunk Phantom, Syslog-ng and/or syslogs, JIRA, Confluence.