Splunk Architect


Frisco, TX

Industry: Technology


Posted 150 days ago by Emily Russo

This job is no longer available.

We are looking for a Splunk Architect for our client in Century City, LA / Frisco, TX.

Job Title: Splunk Architect

Job Location: Century City, LA / Frisco, TX

Job Type: Contract - 12 Months / Contract to Hire / Direct Hire

Job Description:



  • Expert or near-expert knowledge of a distributed Splunk installation - Multi-site Indexer Cluster, Search Head Cluster, Forwarders (Universal/Heavy), Deployer, Deployment Server
  • Strong experience with installing, building and working with Splunk Apps and add-ons in a distributed cluster
  • Strong experience with configuring HTTP Event Collector, Deployment Server and Deployer
  • Experience with data on-boarding procedures, CIM compliance and data normalization techniques
  • Strong experience with security data and security data models
  • Familiar with Index-time and Search-time data parsing
  • Strong knowledge of Splunk search language
  • Knowledge of Splunk Best Practices, Workflows, and Processes
  • Experience with automation of Splunk infrastructure configurations
  • Proficient in Git or other source control platforms
  • Experience configuring rsyslog/syslog-ng, and writing and using Regular Expressions
  • Expert or near-expert skills with Python and shell scripting, as well as managing Linux servers
  • Experience tuning and configuring Splunk App for Enterprise Security (ES)
  • Strong experience with headless Splunk management using CLI and config files
  • Experience with AWS and Azure
  • Experience with monitoring tools such as New Relic, SCOM, SolarWinds or similar
  • Basic knowledge of Windows AD, Exchange, SQL and Microsoft clusters