Job Description
Splunk Administrator (with Scripting Experience: Python/Bash)
Job Summary
The Splunk Administrator will be responsible for the effective deployment, configuration, and maintenance of the Splunk environment. This role is critical in ensuring the stability, performance, and scalability of our Splunk infrastructure, enabling our teams to effectively utilize machine data for security, operations, and business intelligence. The ideal candidate will have strong expertise in Splunk Enterprise and a solid background in systems administration and networking.
Key Responsibilities
- Administer and maintain the Splunk infrastructure, including Splunk Enterprise and Splunk Enterprise Security (ES).
- Perform installation, configuration, and maintenance of Splunk components, including Search Heads, Indexers, Deployment Servers, and Universal/Heavy Forwarders across various platforms (Linux, Windows).
- Monitor the health, performance, and capacity of the Splunk environment and proactively address issues.
- Manage user access, roles, and permissions within the Splunk environment.
- Onboard new data sources, including developing and maintaining parsing, field extractions, and data normalization.
- Develop and implement automation scripts for routine Splunk administration tasks.
- Troubleshoot complex Splunk performance issues, data ingestion problems, and connectivity issues.
- Collaborate with security, operations, and development teams to understand their requirements and assist in creating dashboards, reports, and alerts.
- Maintain comprehensive documentation related to the Splunk infrastructure, configurations, and processes.
Qualifications
Required
- Two years of experience administering and deploying Splunk in an enterprise environment.
- Expert-level knowledge of Splunk Enterprise architecture and components.
- Proficiency in Splunk Search Processing Language (SPL) and regular expressions.
- Experience with Linux and Windows operating systems, including command-line tools and scripting (e.g., Python, Bash).
- Good understanding of network protocols, firewalls, and security concepts.
- Good problem-solving and communication skills.
Preferred
- Splunk certifications.
- Experience with cloud platforms (AWS, Azure, GCP) and integrating Splunk with cloud-native services.
- Familiarity with configuration management tools (e.g., Ansible, Chef, Puppet).
- Experience with version control systems (e.g., Git).
- Bachelor’s degree in Computer Science, Information Technology, or a related field.