The ideal candidate will work primarily on Splunk Administration (L2 Support); however, experience of development will be an add-on.
Job Description and key skills:
Implement and manage version upgrades and lifecycle management for Splunk applications and add-ons, including versioning for applications such as Sanity and Compliance platforms.
Perform data onboarding, parsing, normalization, and STIX-based input/output integration for security and compliance use cases.
Design, develop, optimize, and troubleshoot Splunk dashboards, searches, alerts, and reports to improve operational visibility and performance.
Manage and optimize Splunk configurations including inputs.conf, props.conf, transforms.conf, and other deployment configurations.
Monitor and maintain Splunk infrastructure components such as Indexers, Search Heads, Forwarders, and Cluster environments to ensure high availability, performance, and data integrity.
Investigate incidents, perform root cause analysis (RCA), resolve operational issues independently, and escalate complex cases to L3 support when required.
Execute controlled deployments of Splunk apps, add-ons, knowledge objects, and configuration changes across environments.
Collaborate with application teams, data owners, and analysts for onboarding, validation, troubleshooting, and optimization of log sources.
Configure and support integrations with enterprise platforms including ServiceNow, AWS, Azure, GCP, DB Connect, ITSI, Akamai, and Okta Identity.
Handle user provisioning, RBAC access management, and security governance within Splunk environments.
Monitor indexing latency, ingestion rates, storage utilization, and overall platform health; identify and resolve performance bottlenecks proactively.
Automate routine administrative and operational tasks using Bash, Python, PowerShell, and scripting techniques.
Support CI/CD pipeline implementation and DevSecOps practices using tools such as GitHub, Jenkins, and cloud-native integrations.
Work collaboratively with cross-functional teams and other projects within the 3SIP program to ensure alignment and successful delivery.
Create and maintain technical documentation, operational procedures, deployment guides, and knowledge base articles.
Apply strong understanding of Splunk architecture, distributed deployments, CIM, SIEM concepts, and ITIL best practices for incident, problem, and change management.
Utilize technical knowledge in Linux, Windows, SQL Server, REGEX, SPL, XML, JavaScript, Python, Agile methodologies, and architectural design principles to support enterprise monitoring solutions.
Contribute to continuous improvement initiatives, operational excellence, and monitoring best practices across the Splunk ecosystem.
Tools: Splunk, ServiceNow, GitHub, Terraform, AWS, GCP, Ansible
Certifications:
Splunk Core Certified User / Splunk Core Certified Power User
Splunk Enterprise Certified Admin
Splunk Cloud Certified Admin
Total Experience Expected: 04-06 years
B.E./B.Tech in IT or Computer Engineering.
Must be able to work in European shifts or 24/7.
At our organization, we are committed to fighting against all forms of discrimination. We foster a work environment that is inclusive and respectful of all differences.
All of our positions are open to people with disabilities.