Job Description

Job Title : Splunk ITSI Architect

Location : Remote USA

Duration: Contract

Requirements:

4 - 5+ years of Splunk experience.

3 - 5+ years of Splunk IT Service Intelligence development experience mandatory. (ITSI)

4 - 8 years of overall industry experience as a technology practitioner (in IT Operations or Security).

Successful enterprise level implementation of Splunk Cloud a plus.

Experience in requirements gathering around the Splunk tool, documenting requirements, requirement analysis, product testing, etc.

Qualifications:

Prior experience Splunk enterprise cloud support large enterprise (> 5000 servers)

Experience developing Splunk ITSI glass tables, service trees, correlation searches, KPI's and notable event aggregation policies.

Splunk Certification (or equivalent experience) Preferred

Experience with enterprise-scale operations and maintenance environments

Minimum 2+ years of experience with rule and advanced logic creation within Splunk.

Cloud runtime services (e.g., AWS EC2, Lambda, CloudWatch, Azure compute, functions)

Experience with enterprise-scale operations and maintenance environments

Ability to interface well with end users.

Strong Communication, Written, and Verbal skills.

Primary Responsibilities:

As a Splunk Engineer, you will be involved in the deployment or enhancement of Infrastructure monitoring implementation of Splunk's Cloud solutions that use big data to solve complex IT Operations challenges. Work includes:

• Engineer, configure, administer, and support observability solution, including both Splunk Cloud, Splunk ITSI and Splunk Infrastructure Monitoring Enterprise Edition.
• Develop ITSI glass tables, service trees, Entity design, KPI's and correlation searches.
• Development of front-end searches, dashboards, and reports that are used for ops Analysts and IT engineers for advanced threat detection. Front-end development includes writing queries with Splunk's SPL (Search Processing Language).
• Perform root-cause analysis of any issues that arise post-implementation and work on solutions related to issue fixing.
• Create low-level design artifacts independently and high-level design artifacts with guidance and supports prototyping through the creation of POCs.
• Scaling will also include expansion of use cases and bringing new data sources into Splunk.
• Performing Splunk health checks, including review of existing deployment architecture and Splunk search performance. Making necessary recommendations and corrections for optimization of system and platform performance.
• Perform knowledge transfer to Ops Analysts and IT Engineers regarding Splunk use and performance.
• Partner with risk, compliance, and cybersecurity teams, to meet corporate log management and SIEM policies, requirements, and standards.
• Develop ingestion, onboarding and management efficiencies through automation and architectural enhancements.
• Develop, improve, and automate processes for log management.
• Design and implement dashboards and reports to meet business and user requirements.
• Partner with various user areas to understand their needs and facilitate the maturation of our log and SIEM posture.
• Maintain 24x7 uptime.
• Continually identify and evaluate opportunities to improve performance, availability, and stability

Job Tags

Similar Jobs