Splunk Administrator - Visualization/Production Support (5-8 yrs) Hyderabad (DevOps)
Creeno Solutions Private Limited
3d ago
source : hirist.com

Job Title : Splunk Engineer / Admin

Experience : 6-8 Years

Job Type : Permanent

Qualification : Any Graduate (Full Time)

Work Schedule : This is a 24x7 support team. Ideal candidate would be willing to work night and weekend shifts

Job Summary :

Provide overall engineering and design support for a very large, distributed, state-of-the-art Splunk environment.

The Splunk Engineer / Admin would be responsible for enhancing the architecture, performance tuning and Operational support in prod and non-prod environments.

The candidate should be familiar with recognizing and onboarding new applications into Splunk, perform trend analysis, build dashboards and make :

  • Develop distributed Splunk applications, including requirement gathering, coordinating Splunk setup
  • Support, maintain and expand Splunk infrastructure to meet future architecture design and deployment requirements
  • Perform basic and advanced scripting tasks with Splunk to automate repeatable processes using Python
  • Design, implement and optimize Splunk applications (to include Enterprise Security), queries, knowledge objects, and data models.
  • Develop new dashboards, searches, and alerts to enhance Enterprise Security use cases.
  • Deploy Best Practices for developing Splunk Apps and create conceptual architecture for a continuous improvement initiative
  • Provide Impact assessment for migration efforts.
  • Support Performance Testing and User Acceptance Testing
  • Design and implement Custom Searches and reports
  • Build PoCs for Splunk enhancements
  • Tuning information model, defining reusable templates
  • Define reusable view templates, and retention & archival policies
  • Provide Impact assessment for migration efforts, and coordinate migration activities

Qualifications :

  • 3 years experience in Managing, Designing, Configuring Splunk environment.
  • 3 years experience in Unix environment including Administration, Scripting or Supporting applications.
  • Experience in managing a large distributed Splunk environment consisting of Search heads, Indexers, Cluster masters, Deployers, Deployment Servers, and Heavy / Universal forwarders
  • Experience in Syslog, Splunk HTTP Event Collection (HEC) and Windows Event Collection Services.
  • Experience in Developing Splunk Dashboards, Reports, Alerts, Visualizations and Optimize searches
  • Experience in Log parsing, lookups, calculated fields, extractions using regex
  • Experience with one or more of the Splunk applications like DBConnect, ServiceNow, AWS, Azure, Kafka.
  • Experience in Splunk ITSI Module and Phantom will be an added advantage.
  • Experience with Splunk Enterprise Security Premium Application.
  • Experience in requirement gathering and documentation.
  • Experience in automation with programming languages like Python, Java, .NET, XML, HTML.
  • Knowledge and Experience in Git, Bitbucket, Bamboo, Ansible, Chef, JIRA
  • Familiarity with network topology, UDP, TCP, Proxies, Firewalls, Routers, and Switches.
  • Familiarity with Phantom, Cloud computing, Web Interfaces, Databases, and Big Data technologies (like Hadoop, Kafka, etc.).
  • Understanding of CI / CD.
  • Experience in coordinating with offshore support teams / virtual teams.
  • Excellent communication and interpersonal skills.
  • Nice to have experience in Security information and event management (SIEM).
  • Nice to have experience with RTIR
  • Inviting applications from qualified candidates and those who can join within 30 days of the offer.
