We are looking for a Splunk Administrator/Engineer. You will be entrusted with the critical role of managing and optimizing our Splunk infrastructure for the SIEM Engineering team. This role involves configuring, maintaining, and troubleshooting Splunk infrastructure, ensuring the reliability, availability, and performance of our data analytics platform. You will work closely with cross-functional teams to design and implement monitoring solutions that enhance the visibility and security of our IT environment.
Key Responsibilities:
- Install, configure, and maintain Splunk infrastructure, including forwarders, indexers, and search heads.
- Perform regular system upgrades and patching to maintain security and performance.
- Monitor system performance and troubleshoot issues to ensure optimal functionality of Splunk.
- Collaborate with IT and security teams to integrate Splunk with other systems and applications.
- Provide technical Splunk support and training to end-users and stakeholders.
- Develop and maintain documentation for system configurations, processes, and procedures.
- Implement and manage data ingestion processes, ensuring data integrity and availability.
- Develop and manage Splunk dashboards, reports, alerts, and visualizations.
We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to
Human Resources Request Form. The EEOC "Know Your Rights" Poster is available
here.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:
https://insightglobal.com/workforce-privacy-policy/ .
- 5+ years of experience in a hands-on Splunk Admin/Engineering role
- 3+ years with hands-on experience configuring Splunk on AWS infrastructure, leveraging AWS services like EC2, S3, and Lambda to collect, index, and analyze data
- Experience writing detection rules
- Experience with log management and parsing strategies
- Experience with IaC tools like Terraform and Ansible for configuring
- Splunk Enterprise Certified Administrator
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.