Role overview

As a Splunk SIEM administrator, you will be responsible for implementation and administration in a medium to large, distributed deployment environment. You are self-motivated, working on Splunk installation, configuring data inputs and forwarders, data management, user accounts, licenses, troubleshooting and monitoring. Your primary focus will be the implementation of the SIEM solution.

Responsibilities:

- Monitor and analyze Splunk infrastructure to ensure optimal performance.
- Manage Splunk administration to ensure seamless service delivery operations.
- Provide expert technical guidance and support to project teams throughout the implementation lifecycle.
- Conduct rigorous system testing and troubleshooting to optimize the performance of service delivery solutions.
- Collaborate effectively with cross-functional teams to ensure the seamless integration of Splunk.
- Develop and deploy automated and custom alerts, reporting and correlation in support of multiple missions.
- Implement and maintain the SIEM solution: alerts, analytics, orchestration, automated incident response and integration with ticketing systems and risk scoring systems.
- Provide daily logging and facilitate security operations of the system, including supporting day-to-day data security operations, as a technical expert for this log data analytics and visualization platform.
- Integrate new data sources, applications, and technologies with Splunk.
- Monitor Splunk system updates and plan, review, and execute patch/upgrade deployments.
- Maintain documentation for Splunk.
- Troubleshoot log feeds, field extractions, and searches.
- Support upgrades and patches on the environment and applications.
- Identify performance errors and maintain service availability.
- Monitor and analyse payment failure trends.

Skills & Experience:

- Minimum 2 years of relevant experience in deployment/run support of Splunk, monitoring tools and infrastructure support.
- Experience managing and administering Splunk infrastructure, including deployment, configuration, and maintenance of Splunk components such as indexers, forwarders, search heads, and clusters.
- Extensive experience in implementing and maintaining a SIEM solution.
- Strong communication and interpersonal skills with the ability to collaborate effectively with cross-functional teams.
- Experience monitoring Splunk environment health and performance, troubleshooting issues, and performing necessary upgrades and patches.
- Experience analyzing report data to identify patterns, trends, and areas for improvement in service delivery processes.
- Bachelor's degree from an accredited university in a related field preferred.
- Splunk Certification (Certified Admin, Certified Architect or Certified Security Admin) is a plus.

Splunk SIEM administrator
Job Function: Software Development
Industry: IT Services & Consulting
Experience Required: 3 - 6 years
Openings: 3 positions
Apply now to start your journey with Inspirit Vision