HIRING SPLUNK PROFESSIONALS

Job Description

WE ARE HIRING SPLUNK PROFESSIONALS
• PLUNK analysts
• splunk admin
• splunk architects
• splunk enigneers
• splunk scc-1/ scc-2
JD
• Work with application team in ensuring logs file are ingested with Splunk
• Defining index or that logs can be segregated from other logs.
• Must have experience in SIEM Tools HP ArcSight, Splunk ES App, IBM Qradar
• Generating smart alerts and trend charts.
3 years of IT experience Operate and maintain existing Log Management Infrastructure by designing system configuration, directing system installation, defining, documenting, and enforcing system standards.Maximizes system performance by monitoring performance, troubleshooting problems and outages, scheduling upgrades; Collaborating with network and system team to ensure all required logs are collected; Ensure all Service Requests, Incidents and Problems are completed/resolved within the required time period; Reporting of operational status by gathering, prioritizing information;Knowledge of ArcSight or Splunk Responsible to install and configure the Splunk forwarder agent across various OS in Application environment to collect the data feeds into Splunk Environment Log Analysis and creation of Splunk knowledge objects Responsible to create index with appropriate retention and retirement policies by managing the bucket policies Scheduled Splunk based Reports and Alerts to monitor the system health performance and breaches Maximizes system performance by monitoring performance, troubleshooting problems and outages, scheduling upgrades; Experienced in implementing and clustering to maintain data availability and disaster recovery Created Splunk automatic lookups and workflowsRequirement Experience with interconnected, heterogeneous systems Networking background, WIN or Nix systems administration Familiarity with common infrastructure technologies Strong understanding of industry standards and technologies Implements and maintainsSplunk platform infrastructure and configurationYour key responsibilities
• Develop advanced scripts for the manipulation of multiple data repositories to support analyst software application requirements, analyze information to determine, recommend and plan delivery of large data sets.
• Splunk administration in environments like windows servers, redhat Linux enterprise servers.
• Perform various operations on tools like Splunk enterprise, Splunk itsi and Splunk stream.
• Create Splunk apps, searches, data models, dashboards, reports and alerts using Splunk query language.
• Create shell scripts to install Splunk forwarders on all the servers with configuration files such as, inputs.conf, props.conf, etc.
• Experience in onboarding data bases using dbConnect app in Splunk.
• Develop distributed Splunk applications, including requirement gathering, coordinating Splunk setup
• Support, maintain and expand Splunk infrastructure to meet future architecture design and deployment requirements
• Perform basic and advanced scripting tasks with Splunk to automate repeatable processes using Python Design implement and optimize Splunk applications (to include Enterprise Security), queries, knowledge objects, and data models.
• Develop new dashboards, searches, and alerts to enhance Enterprise Security use cases.
• Deploy Best Practices for developing Splunk Apps and create conceptual architecture for a continuous improvement initiative
• Provide Impact assessment for migration efforts.
• Support Performance Testing and User Acceptance Testing
• Design and implement Custom Searches and reports
• Build PoCs for Splunk enhancements
• Monitored notable events through Splunk enterprise security. Interact with the data warehousing team to extract the data identifying field for CIM mapping. Write automation scripts for rest APIs testing. Work with front end applications to help guide users toward various apps across Splunk enterprise system.
• Writing complex regex patterns using ifx, rex command and regex to extract the data to support the stakeholders requirements to build use-cases.
• Design Splunk system solutions to meet growth while maintaining a balance between performance, stability, scalability and agility.
• Develop automation scripts to automate most of the daily jobs to increase efficiency and to reduce human errors.
• Design Splunk system solutions to meet growth while maintaining a balance between performance, stability, scalability and agility.
• Troubleshoot Splunk server and agent problem and issues
• Migrate from one SIEM solution to another
• Should have knowledge of a scripting language and UNIX command line.
• Strong Cyber Security Background
Primary Skills
• Splunk agent installation and data ingestions expertise.
• Splunk certified and knowledge of heavy forwarder is a plus.
• Splunk Certified Consultant II and Splunk Certified Architect Certifications.
• Must have: At least 3 years of hands-on experience designing, architecting, and implementing Splunk globally for global financial institutions.
• SOC experience preferred.

Keyskills :
arcsightsplunkwinsoctroubleshoot splunk serversplunk es applog management infrastructurenix systems administrationibm qradar