We are seeking a skilled Splunk Engineer to join our dynamic IT operations team. In this role, you will be responsible for designing, implementing, and maintaining our Splunk infrastructure to ensure optimal system performance and security monitoring.
Your expertise will be crucial in analyzing system logs, developing dashboards, and providing insights that drive informed decision-making.

Job Description

• Install, configure, and manage Splunk Enterprise or ES.
• Manage cluster, indexes, forwarders, apps, dashboards, and roles within Splunk.
• Develop and optimize complex SPL queries.
• Monitor the health and performance of the Splunk clustering infrastructure and troubleshoot issues.
• Administrator access controls and user permissions in Splunk.
• Optimize resource utilization (CPU, RAM, Disk) on Splunk servers.
• Design and build analytical dashboards and monitoring reports for operational and security insights

Requirements

• Strong understanding of Splunk Search Processing Language (SPL).
• experience with Linux operating systems, including system administration, troubleshooting, and basic scripting.
• Hands-on experience with Universal Forwarders and Heavy Forwarders.
• Familiarity with Splunk apps such as Enterprise Security (ES)
• Troubleshooting and problem-solving skills related to Splunk performance and errors.
• Solid understanding of Splunk architecture: clustering, indexers, search heads, deployment servers.
• Basic knowledge of logging, monitoring, SIEM, and security event analysis.
• Proficiency in SPL and creating advanced searches