Splunk Engineer/Administrator C2C requirements Onsite

Location: San Antonio, TX / Irvine, CA – Need locals

Contract

Qualifications:

·        10+ years of overall IT experience.

·        3+ years’ experience in managing, designing, configuring Splunk environment (both on-prem and cloud)

·        3+ years’ experience in the Linux environment including administration, scripting, or supporting applications.

·        Experience with Splunk Enterprise Security Premium Application and Splunk Enterprise.

·        Experience in requirement gathering and documentation.

·        Experience in developing and supporting Splunk Applications.

·        Experience in automation with programming languages like Python, JAVA, .Net, Ansible is a plus.

·        Experience in technologies like GIT, JIRA, Automation Testing.

·        Familiarity with Phantom, Cloud computing, Web Interfaces, Databases, Big Data technologies (like Hadoop, Kafka etc.)

·        Understanding of Continuous Delivery and Continuous Integration.

·        Splunk Admin Certification is mandatory.

·        Excellent communication and interpersonal skills.

·        Splunk core admin experience is mandatory.

Responsibilities:

·        Support, admin, maintain, and expand Splunk infrastructure to meet future architecture design and deployment requirements.

·        Develop distributed Splunk applications, including requirement gathering, coordinating Splunk setup.

·        Recommended Splunk implementation best practices and fixes.

·        Design, implement, and optimize Splunk applications (to include Enterprise Security), queries, knowledge objects, and data models.

·        Perform basic and advanced scripting tasks with Splunk to automate repeatable processes using Python.

·        Deploy Best Practices for developing Splunk Apps and create conceptual architecture for continuous improvement initiative.

·        Provide Impact assessment for migration efforts.

·        Support Performance Testing and User Acceptance Testing.

·        Design and implement Custom Searches and reports.

·        Build proof of concepts for Splunk enhancements.

·        Tuning information model, defining reusable templates.

·        Define reusable view templates, and retention & archival policies.

·        Provide Impact assessment for migration efforts and coordinate migration activities .

Nice to Have:

·        Experience in Security information and event management (SIEM).

·        Experience with RTIR.

·        Certifications in Splunk, CISSP or similar.