Title: Splunk Administrator
Location: United States - Culpeper (1621 McDevitt Dr, VA 22701 Culpeper, United States) Hybrid
Role responsibilities:
• Onboard data to Splunk via forwarder, scripted inputs, TCP/UDP, and modular inputs from a variety of sources.
• Develop and implement strategies to normalize current and future log data, making it consistent and usable for analysis.
• Assess existing Splunk data feeds and implement changes to improve overall SIEM health and align with best practices.
• Diagnose and resolve issues related to log ingestion and normalization.
Administration & Support
• Provide operations and maintenance support for a distributed Splunk environment consisting of heavy forwarders, indexers, and search head servers.
• Build, implement, and administer Splunk in Linux environments.
• Work with existing and custom Splunk applications and add-ons to fulfil customer needs.
• Edit and maintain Splunk configuration files and apps.
• Maintain comprehensive documentation of log onboarding and normalization processes.
• Support security operational teams.
Required qualifications:
• Experience with Splunk Enterprise hands-on Engineering & Administration: deployment, troubleshooting, onboarding data, and maintenance in a clustered environment
• Proficiency in SPL
• Experience implementing CIM compliance and optimizing Splunk data models