Job title: Splunk Enterprise Administrator
Experience: 4-7 Years
Notice period: Immediate to 15 days
Location: Gurgaon
JD:
RESPONSIBILITIES:
· Administering Core Splunk and Splunk App for Enterprise Security (ES), log management, ingestion, normalization and CIM compliance.
· Provide operational support for the Enterprise Logging/Splunk platform in support of Enterprise Security and IT Service Intelligence.
· Advanced Splunk analytics and the development and administration of custom Splunk applications.
· Splunk data ingestion, integrations with business-critical enterprise applications and systems.
· Develop specialized Splunk Security and Compliance applications, add-ons, data models, dashboards, content.
· Develop custom Splunk applications and Add-Ons for inclusion of access events per use case criteria.
· Leverage Modular design to onboard application/access/security logging.
Skills and experience:
· Active Splunk Enterprise Admin Certified or Splunk Certified Developer Required at a minimum.
Required Experience:
· In addition to active Splunk certification(s), must also have experience with the following:
· Splunk indexer cluster and search head cluster management
· Splunk app & add-on development
· Strong experience in Splunk development, building dashboards, reports, and lookup tables.
· Working knowledge of Splunk including SPL, indexers, forwarders, search heads
· Expertise with cyber security data onboarding, application data onboarding and CIM compliance.
· Holds industry-recognized certifications of security technologies or network technologies.
· Proficient knowledge and experience with SIEM, Log Management or Data Analytical platforms.
· Strong understanding of IT Security concepts, best practices, and market direction.
· Advanced understanding of networking concepts and ability to analyze network artifacts.
· Knowledge of common information security management frameworks.
· Excellent troubleshooting, reasoning and problem-solving skills.
· App Monitoring and Administration: Adept at administering Splunk and addressing new app monitoring requests, ensuring all applications are monitored effectively through Splunk.
Soft skills:
· Ability to collaborate with others, leveraging many project approaches.
· Comfortable working remotely with team members in different time zones