Job Description :
Looking for an experienced Splunk architect to lead the implementation of Splunk for the Enterprise Logging & Analytics project. The ideal candidate will be Splunk Certified and have prior experience implementing an operational Splunk environment.
Review, recommend changes and improve upon the current Splunk Enterprise deployment to include indexer and search head architecture
Partner with IT stakeholders to develop requirements and create execution plan to utilize Splunk for centralized enterprise log analysis
Set up forwarders, logging inputs and Splunk apps on a variety of system sources (Linux, Windows, Weblogic, Tomcat, Oracle, SQL Server)
Create alerts and monitoring for key security and application events
Develop dashboards and reports for monitoring of real-time log data
Train users on utilizing Splunk and performing routine activities, to include creating dashboards and alerts
Advise regarding prioritization of data collection and data retention to achieve maximum results for security and event monitoring.
Assist with development of Splunk system lifecycle process for continuous improvement and expansion of enterprise logging and data collection
Provide advice and consulting to identity opportunities for additional Splunk use cases within the enterprise environment
Required Experience:
6+ years of experience in an enterprise IT role
2+ years of experience as a Splunk administrator, architect, or consultant
Experience in interacting with other IT stakeholders gathering requirements, onboarding, configuration, and optimization of the Splunk suite of tools
Preferred experience with Linux systems and using scripting languages (Shell, Python, SQL) to automate tasks and manipulate data
Knowledge of enterprise logging, including application, OS, and security technology logging
Certifications (preferred):
Splunk Certified Admin, Splunk Certified Architect, or Splunk Certified Consultant Highly Preferred