Splunk Engineer
Vitech Systems Asia Private Limited
4d ago
Source: Shine

Required Qualifications

  • Minimum of 2 recent years direct Splunk ES architect and administration experience.
  • Advanced knowledge of Splunk ES administration, search language (SPL), search techniques, alerts, dashboards and report building.
  • Expert knowledge of regular expressions and at least one common scripting language (PERL, Python, VB Script).
  • Relevant certifications such as CISSP are a plus.

Functional Responsibilities

  • Responsible for the health and accuracy of the Splunk ES system, identifying configuration errors and undertaking remediation activities.
  • Perform health check activities to ensure the availability of the Splunk ES environment.
  • Follow a comprehensive set of SOPs related to Splunk ES application administration.
  • Identify enhancements and architect upgrades to the Splunk ES application.
  • Manage Vitech's Splunk universal forwarder configurations, deploying updates and changes as required.
  • Provide data onboarding and data cleaning services in Splunk ES for Vitech.
  • Work with other cybersecurity and operations teams for incident response.
  • Construct advanced reports, dashboards and alerts using Splunk ES and operationalize these capabilities with documentation.
  • Correlate disparate data sets together in Splunk ES for the purpose of the cybersecurity and operations teams.
  • Ability to exercise sound technical, interpersonal and organizational judgment while evaluating and solving complex problems.
  • Partner with system owners to identify upcoming end-of-life components, and plan and track their decommissioning.

Key Competencies

  • Hands-on experience using Splunk ES platform. Advanced level of familiarity with Splunk search languages, including mathematical and statistical functions.
  • Hands-on experience managing Splunk platform. Familiarity with Splunk architecture, implementation, management and maintenance.
  • Hands-on experience working as part of a SIEM engineering team (ideally Splunk ES).
  • Reasonable understanding of Indicators of Compromise and other methodologies to detect incident-related anomalies.
  • Must understand and be familiar with modeling security-related data concepts, such as net flow, Web browsing, authentication, email flow, etc.
  • Good written and oral communication skills including the ability to interact directly with customers that do not have an IT background.
  • Proven ability to work within a large enterprise that spans multiple continents, is governed by change management and has a tiered support model.
  • Reporting and dashboards: must be able to create reports and dashboards that represent significant data findings to both technical and non-technical audiences.
  • Ability to work in a time-sensitive environment; must be detail oriented and able to multitask to meet deadlines and company objectives.