Job Description
Splunk Engineer/Admin
TechForwardLLC
Job Description:
- Data onboarding
- Ingest data from network appliances
- Ingest application data
- Ingest data from Windows sources
- Ingest data via syslog aggregator
- Configure Splunk in standalone & distributed environments
- Ingest API logs
- Collaborate with customers to develop content
- Troubleshoot Splunk Search latency
- Implement Access Controls
- Troubleshoot indexing issues
- Troubleshoot OS issues on Windows and Linux
- Automate tasks in Splunk
- Document fixes and lessons learned
- Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access.
- Linux Disk Management
- Design, manage, and maintain agency SIEM infrastructure to improve data ingestion processes, including architectural work on data pipelines to ensure optimal flow of data.
- Maintain, configure, and implement products, appliances, and devices on the network.
Qualifications
- Bachelor’s degree and 4+ years of Splunk experience, or Master’s degree and 2+ years of Splunk experience
- Configuring Splunk Distributed & Clustered Environments
- Knowledge of network protocols (TCP/IP, DNS, HTTPS, ICMP, SMP, SMTP, SSH) and the OSI model
- At least 2 years of experience with:
  - Upgrading, maintaining, and tuning Splunk in a large-scale enterprise
  - Collaborating with customers to create dashboards, alerts, and data enrichment
  - Developing documentation with processes and procedures
  - Proposing and implementing automation features in a large enterprise environment
- Hold Splunk Core Certifications of User, Power User and Admin
- Hold active Security+ certification
- Experience in developing and tailoring reporting from network security tools.