Senior Splunk Administrator
Location
Pune | India
Job description
- The Splunk Administrator position in the Client Infrastructure team is responsible for the development, implementation and support of the Log Management Infrastructure and the Splunk Platform, including Security Information and Event Management (SIEM)
- Key responsibilities include assuring logging infrastructure health, availability, high reliability and operating effectiveness, and providing strategic support of Splunk architecture, integration and deployment, configuration and maintenance
Key Responsibilities
The Client Infrastructure team is responsible for maintaining and enhancing the service we deliver to our clients. The main deliverables for this position are:
- Implement and maintain enterprise-wide Log Management Infrastructure spanning data centers, AWS / Azure clouds and client offices. Develop and implement logs collection methodologies. Implement and support management processes to assure Log Management Infrastructure robustness, availability, reliability and effectiveness. Establish and maintain end-to-end monitoring and alerting on all critical Splunk infrastructure components.
- Engineer, implement and maintain scalable centralized Splunk infrastructure and configurations including Splunk Cloud and Enterprise deployments, and on-premises / cloud forwarders and deployment servers.
- Undertake day-to-day operational and user support, provide Splunk and Log Management system engineering expertise and lead Splunk incident and problem management activities.
- Utilize various methodologies to capture data including forwarders, Event Collector, and APIs. Onboard new log sources including deployment and customization of Splunk Technology Add-ons. Configure parsing, event line breaking, timestamp and fields extraction and source type definitions. Deploy Splunk applications, develop dashboards, alerts, data models, reports and optimize their performance.
- Lead the initiative to onboard to Splunk the key client application systems, working closely with the application support teams and the platforms support engineers. Develop and maintain an efficient and resilient deployment servers infrastructure.
- Perform Splunk administration tasks including Data and Knowledge Objects creation and maintenance, licensing capacity tracking, user access management, etc.
- Design and customize complex search queries, and promote advanced searching, forensics and analytics.
Knowledge
- Proficiency in implementing, maintaining and supporting large scale log management infrastructures.
- High level of competence in designing, implementing and supporting high availability, scalable Splunk configurations. Expertise in Data and Knowledge Objects creation and maintenance.
- Proficiency in data onboarding utilizing different methodologies.
- Advanced Splunk Search Processing Language skills. Expertise in developing Splunk dashboards, data models, reports and applications.
- Working knowledge of Linux system administration.
- Working knowledge of scripting languages (e.g. Python, Perl, bash, etc.).
- Excellent problem solving, critical thinking, communication, and teamwork skills.
- Excellent written and verbal communication, able to collaborate and rally support.
- Self-disciplined, self-managed, self-motivated and strong sense of ownership, urgency, and drive.
- Excellent interpersonal skills and the ability to work well in a team.
- Passionate to learn, understand, and dissect new technology stack quickly on own.
Additional Skills
- Microsoft (PowerPoint, Excel, Word)
- Extreme attention to detail
- Experience establishing and documenting processes and procedures
- Ability to multi-task and work well under pressure
- Exceptional customer service skills
Experience
- A minimum of three years of experience in Splunk administration
- Background in Linux / Windows system administration
- Splunk certification is a plus
- Bachelor of Science/Computers/Engineering is preferred