Splunk Engineer/Admin

Required

• Current Splunk Enterprise Certified Admin certification
• At least five (5) years of experience with Splunk in distributed deployments and at least one (1) year of experience with Splunk Cloud environments
• Experience with Splunk Enterprise Security
• Excellent written and oral skills, ability to work closely with multiple customers, manage expectations and track engagement scope
• Experience with Splunk Enterprise Security or integration with other Security Information and Event Management (SIEM) platforms
• Proficient at search time activities including parsing and normalizing events to the Splunk Common Information Model (CIM)
• Proficiency in utilizing data onboarded by Splunk developed add-ons (e.g. Windows, Linux, and common third-party devices and applications)
• Proficient in regular expressions
• Must be able to effectively collaborate and work with others in a remote work environment

Preferred

• Current Splunk Enterprise Security Certified Admin certification
• Knowledge of JIRA and Confluence

• Share this job
• Email
• Facebook
• Twitter