
Splunk Development & Administration Cyber Security Analyst
Job Description
The ideal candidate will work primarily on Splunk Administration (L2 Support); however, development experience will be an added advantage.
Job Description and key skills:
- Implement and manage Splunk applications and add-ons version upgrades and lifecycle management, including versioning for applications such as Sanity and Compliance platforms.
- Perform data onboarding, parsing, normalization, and STIX-based input/output integration for security and compliance use cases.
- Design, develop, optimize, and troubleshoot Splunk dashboards, searches, alerts, and reports to improve operational visibility and performance.
- Manage and optimize Splunk configurations including inputs.conf, props.conf, transforms.conf, and other deployment configurations.
- Monitor and maintain Splunk infrastructure components such as Indexers, Search Heads, Forwarders, and Cluster environments to ensure high availability, performance, and data integrity.
- Investigate incidents, perform root cause analysis (RCA), resolve operational issues independently, and escalate complex cases to L3 support when required.
- Execute controlled deployments of Splunk apps, add-ons, knowledge objects, and configuration changes across environments.
- Collaborate with application teams, data owners, and analysts for onboarding, validation, troubleshooting, and optimization of log sources.
- Configure and support integrations with enterprise platforms including ServiceNow, AWS, Azure, GCP, DB Connect, ITSI, Akamai, and Okta Identity.
- Handle user provisioning, RBAC access management, and security governance within Splunk environments.
- Monitor indexing latency, ingestion rates, storage utilization, and overall platform health; identify and resolve performance bottlenecks proactively.
- Automate routine administrative and operational tasks using Bash, Python, PowerShell, and scripting techniques.
- Support CI/CD pipelines implementation and DevSecOps practices using tools such as GitHub, Jenkins, and cloud-native integrations.
- Work collaboratively with cross-functional teams and other projects within the 3SIP program to ensure alignment and successful delivery.
- Create and maintain technical documentation, operational procedures, deployment guides, and knowledge base articles.
- Apply strong understanding of Splunk architecture, distributed deployments, CIM, SIEM concepts, and ITIL best practices for incident, problem, and change management.
- Utilize technical knowledge in Linux, Windows, SQL Server, REGEX, SPL, XML, JavaScript, Python, Agile methodologies, and architectural design principles to support enterprise monitoring solutions.
- Contribute to continuous improvement initiatives, operational excellence, and monitoring best practices across the Splunk ecosystem.
Tools: Splunk, ServiceNow, GitHub, Terraform, AWS, GCP, Ansible
Certifications:
- Splunk Core Certified User / Splunk Core Certified Power User
- Splunk Enterprise Certified Admin
- Splunk Cloud Certified Admin
Total Experience Expected: 04-06 years
B.E./B.Tech in IT or Computer Engineering.
Must be able to work European shifts or 24/7 rotations.
At our organization, we are committed to fighting against all forms of discrimination. We foster a work environment that is inclusive and respectful of all differences.
All of our positions are open to people with disabilities.