Splunk Engineer

Job description:
Key Responsibilities:

• Design, engineer, and administer a large distributed clustered Splunk environment, including search heads, indexers, deployers, deployment servers, heavy/universal forwarders, and Splunk Enterprise Security premium app.
• Recognize and onboard new data sources into Splunk, analyze data for anomalies/trends, and build dashboards to highlight key trends.
• Manage Splunk configuration files and apps within a Linux environment.
• Collaborate with Enterprise Splunk team & Cybersecurity Engineering team members to ensure effective Splunk implementation and usage.
• Provide technical support and troubleshooting for Splunk-related issues and work with end users to gather requirements and create Splunk search queries/dashboards.
• Work with senior management as needed to present insights and findings.

Basic Qualifications:

• Bachelor’s degree in Information Technology (or equivalent experience).
• 8+ years of IT experience, with a focus on Cybersecurity, Infrastructure, and Data Analytics.
• 3+ years of experience in Linux and SQL ODBC interfaces.
• Experience with AppDynamics for application performance monitoring.
• 2+ years of experience in developing app interfaces using REST APIs.
• 4+ years of experience in a senior Splunk role supporting SOC or NOC environments in a clustered Splunk setup.
• Ability to manage Change & Configuration Management in enterprise environments.
• Strong problem-solving skills and ability to handle pressure effectively.
• Self-starter with the ability to prioritize and manage multiple tasks independently.
• Familiarity with Cloud Services: AWS, Azure, Office 365.
• Scripting expertise in one or more languages: Python, Bash, Visual Basic, PowerShell.

Preferred Qualifications:

• Experience in SQL and database administration.
• Completed Splunk training or previous professional services experience in Splunk.
• Prior experience automating Splunk deployments and orchestrating within a cloud environment.

Certifications:

• Splunk Certified Architect (Mandatory).

Security Clearance:

• Must have a current or be able to favorably pass a 5-year BI Background Investigation.

Technical Skills:

• Development & Scripting: .NET Framework, Angular, AppDynamics, Bash/Shell Scripting, Python, PowerShell, VB.NET
• Cloud & DevOps: AWS DevOps Services, Azure DevOps, Docker, Kubernetes
• Databases & Storage: Azure Cosmos DB, Cassandra, DB2, MongoDB, MySQL, MS SQL Server, Oracle DB, PostgreSQL
• Monitoring & Automation: Splunk, Prometheus, Grafana, Dynatrace, Elastic Search
• Middleware & Applications: JBoss, Tomcat-Apache, WebSphere, Nginx, IIS Server
• Enterprise Solutions: ServiceNow ITSM, ServiceNow-Event Management, ServiceNow (ITOM, ITSM, and other Functional Testing), Major Incident Management, Problem Management
• Testing & ERP: JDA, PoS, PLM, Infor LN, JDE, PeopleSoft Testing, Flexcube Technical PL/SQL