Job Description:
SPLUNK ADMINISTRATOR
Location: Rosemead, CA
Duration: 12+ month contract
Job Description
The Senior Splunk Administrator resides within the Power Systems Control (PSC) Security & Compliance team within Grid Services in the Information Technology department. As a Splunk expert, you will be responsible for administration of a medium to large distributed deployment environment. You are self-motivated and will work on Splunk installation, configuring data inputs and forwarders, data management, user accounts, licenses, troubleshooting and monitoring.
Day to Day Responsibilities
· Design and implement solutions to address and meet logging requirements in the SCADA Utility industry for IT and OT assets with or without remote logging capabilities.
· Manage Apps/Dashboards for license usage and Application errors.
· Set up Splunk forwarding for new application tiers introduced into the environment.
· Identify bad searches/dashboards and partner with the creators to improve performance.
· Troubleshoot Splunk performance issues and open support cases with Splunk.
· Monitor the Splunk infrastructure for capacity planning and optimization.
· Troubleshoot log feeds, field extractions, search time, etc.
· Provide granular, role-based security.
· Restrict access to sensitive logs and confidential data.
· Report generation and customization.
Required Qualifications
· Bachelor’s Degree.
· Splunk Certification (Certified Admin or Certified Architect).
· Ten (10) years of experience in the information technology field performing complex analysis, consulting and providing recommendations.
· Three (3) years of experience as a Splunk Administrator.
· Six (6) years of experience in information system architecture methodologies, security controls, systems security management, incident response and threat analysis, risk management, and cybersecurity support including:
  · Design, implementation, and support of Splunk (Indexers, Forwarders, Search-Heads Setup, etc.).
  · Implementing and administering Splunk.
  · Experience with Linux and Windows agents for Splunk administration with a solid understanding of the Splunk system.
  · Experience in onboarding new data, configuration, creating new dashboards, extracting information through Splunk.
Other Qualifications
· Network Security Fundamentals.
· CompTIA Security+ certified.
· Experience working with SCADA systems and knowledge of NERC CIP standards and requirements.
· Drive complex deployments of Splunk dashboards and reports while working side by side with the customers to solve their unique problems across a variety of use cases.