The Splunk Engineer will design and optimize Splunk architecture for large-scale/distributed deployments. Establish and ensure adoption of best practices and development standards. Maintain a close partnership with Splunk on feature requests, upgrade planning, and product roadmap alignment. Implement and maintain Splunk infrastructure and configuration
- 2-4 years architecting, configuring, deploying, and customizing the tool, preferably both in supporting the application and utilizing the application for information security monitoring, incident response, and compliance.
- Ability to create visualizations in Splunk and custom queries to manipulate views.
- Experience managing Security tools in an enterprise environment that includes firewalls, IDS/IPS, assessment and scanning tools, endpoint solutions, and audit logs from various platforms.
- Knowledge of a scripting language and UNIX command line.
- At a minimum, the candidate will have a bachelor’s degree in IT related field.
- Splunk Administrator certification required
- Splunk Architect certification preferred.
- Architecting and deploying Splunk Enterprise implementations in small to medium sized customers.
- Administering Splunk and Splunk App for Enterprise Security (ES) log management.
- Integrating Splunk with a wide variety of legacy data sources that use various protocols.
- Consulting with customers to customize and configure Splunk in order to meet their requirements.
- Technical writing/creation of formal documentation such as reports, training material, slide decks, and architecture diagrams.