Apply for this Job
• Responsible for designing & setting up the ingestion of various customer data flows to include pre-processing data into a useable format, ensuring proper parsing and indexing
• Collaborate with cross-functional teams and responsible for designing & integrating Splunk with a wide variety of data sources and developing associated knowledge objects such as queries, dashboards, reports, alerts for monitoring and analytics
• Perform data transformation using Splunk Query Language
• Monitor the health of the Splunk environment and optimize its performance. Troubleshoot and resolve issues related to Splunk performance, data indexing, and searches.
• Experience administering Splunk Enterprise for large organizations
• Experience managing user authentication within Splunk to include Role and Attribute Based Access Controls (RBAC\ABAC), authentication with Lightweight Directory Access Protocol and Active Directory (LDAP\AD), and managing access via HEC tokens
• Experience managing integrations with technical add-ons with a relevant experience integrating DBConnect
• Experience implementing and managing Apps within Splunk
• Experience administering Splunk on large scale cloud environments
• Experience working in DevOps and Scrum environments
• Must have in-depth experience and knowledge in Splunk Enterprise, Splunk ES and Splunk ITSI. Proficiency: Splunk Administration - Intermediate Splunk Security Information and Event Management (SIEM) Operations - Intermediate Splunk Enterprise Architecture and Design - Intermediate Hybrid/Remote: Ability to report onsite in Washington DC area one time per week.
Date Posted: 12 March 2025
Apply for this Job