Job Description:
SPLUNK ADMINISTRATOR

Location: Rosemead, CA

Duration: 12+ month contract

Job Description

The Senior Splunk Administrator resides within the Power Systems Control (PSC) Security & Compliance team within Grid Services in the Information Technology department. As a Splunk expert, you will be responsible for administration of a medium to large distributed deployment environment. You are self-motivated and work on Splunk installation, configuring data inputs and forwarders, data management, user accounts, licenses, troubleshooting and monitoring.



Day to Day Responsibilities

· Design and implement solutions to address and meet logging requirements in the SCADA Utility industry for IT and OT assets with or without remote logging capabilities.

· Manage Apps/Dashboards for license usage and Application errors.

· Setting up Splunk Forwarding for new application tiers introduced into the environment.

· Identifying bad searches/dashboards and partnering with the creators to improve performance.

· Troubleshooting Splunk performance issues / Opening support cases with Splunk.

· Monitor the Splunk infrastructure for capacity planning and optimization.

· Troubleshoot log feeds, field extractions, search time, etc.

· Provide Granular, Role-based Security.

· Restrict access to sensitive logs and confidential data.

· Report generation and customization.



Required Qualifications

· Bachelor’s Degree.

· Splunk Certification (Certified Admin or Certified Architect).

· Ten (10) years of experience in the information technology field performing complex analysis, consulting and providing recommendations.

· Three (3) years of experience as a Splunk Administrator.

· Six (6) years of experience in information system architecture methodologies, security controls, systems security management, incident response and threat analysis, risk management, and cybersecurity support including:

Design, implementation, and support of Splunk (Indexers, Forwarders, Search-Heads Setup, etc.).
Implementing and administering Splunk.
Experience with Linux and Windows agents for Splunk administration with a solid understanding of the Splunk system.
Experience in onboarding new data, configuration, creating new dashboards, extracting information through Splunk.



Other Qualifications

· Network Security Fundamentals.

· CompTIA Security+ certified.

· Experience working with SCADA systems and knowledge of NERC CIP standards and requirements.

· Drive complex deployments of Splunk dashboards and reports while working side by side with the customers to solve their unique problems across a variety of use cases.