Job Description:
Expert or near-expert knowledge of a distributed Splunk installation - Multi-site Indexer Cluster, Search Head Cluster, Forwarders (Universal/Heavy), Deployer, Deployment Server

Strong experience with installing, building and working with Splunk Apps and add-ons in a distributed cluster

Strong experience with configuring HTTP Event Collector, Deployment Server and Deployer

Experience with data on-boarding procedures, CIM compliance and data normalization techniques

Strong experience with security data and security data models

Familiar with Index-time and Search-time data parsing

Strong knowledge of Splunk search language

Knowledge of Splunk Best Practices, Workflows, and Processes

Experience with automation of Splunk infrastructure configurations

Proficient in Git or other source control platforms

Experience configuring rsyslog/syslog-ng, and writing and using Regular Expressions

Expert or near-expert skills with Python and shell scripting, as well as managing Linux servers.

Experience tuning and configuring Splunk App for Enterprise Security (ES)

Strong experience with headless Splunk management using CLI and config files

Experience with AWS and Azure

Experience with monitoring tools such as New Relic, SCOM, SolarWinds or similar

Basic knowledge of Windows AD, Exchange, SQL and Microsoft clusters.
             
