Splunk Engineer

• Posted : 4 years ago

TEKsystems has a long term contracting opportunity for a Splunk Engineer for a customer based in the Minneapolis, MN area. This position can work 100% remote.

Please note: Due to client and US regulations, candidates for this position must be US Citizens.

Technical Skills and Experience:

• Splunk ES (Enterprise Security)
• ITSI (IT Service Intelligence) experience
• Experience in using Python scripting language to automate tasks and manipulate data.
• Development of automated searches and applications using Python, and regular expressions.
• Experience deploying applications via Deployment Server or the SplunkDeployer
• Experience with rule and advanced logic creation in Splunk
• Experiencing working on and configuring the following: Searchhead Clustering Index Clustering Indexer deployment Varying Retention configuration Hot & Cold Data configuration Searchhead deployment Deployer App Creation Access Controls
• Thorough understanding and operational experience with Splunk Search Language / SPL (Search Processing Language)
• Thorough understanding of Splunk's Common Information Model (CIM)
• Understanding of Splunk's advanced capabilities to include: Splunk Enterprise Security (ES), Splunk User Behavior Analytics (UBA), Splunk Machine Learning Toolkit, Splunk Cloud, Advanced Threat Analytics
• Understand SPL (Search Processing Language)
• Experience working through performance issues on Splunk platform
• Knowledge of enterprise logging, with a focus on application logging
• Experienced in providing technical integration advice that includes evaluating inputs, WMI issues, crash logs, and alert scripts with the ability to identify and correct vulnerability findings experienced with Splunk migrations and implementations.
• Previous experience with data normalization and data modeling specifically within the Splunk environment
• Development of documentation, architecture diagrams, and process and procedures for end users. Ability to produce high quality technical documentation
• Knowledge of network technology and common internet protocols
• Experience deploying apps within Splunk or administrating the Splunk platform
• AWS
• Ansible

Job Duties and Responsibilities:

• Ability to work with a diverse team on security tools and applications providing custom and tailored software changes as required on Splunk to monitor and detect cyber security threats in an environment for various clients within large program.
• Splunk Technical Add-on installation/configuration
• Splunk Forwarder deployment and configuration
• Data import and field extraction
• ITSI and Splunk custom Dashboard and report development
• Developing network or endpoint-based anomaly detection alerting logic in SPL and building dashboards to visualize results.
• Experienced in the design, analysis, evaluation, installation, testing, debugging and installation of Splunk.
• Day-to-day activities include working with customer teams and supporting current tasks and activities.
• Participate in technical meetings with customers' technical specialists.
• Provide support for incidents relating to Splunk infrastructure operations.
• Continuously improve Splunk deployments and integrate new technologies and services.
• Provide day-to-day support and implementation on large Splunk environment
• Ensure Splunk infrastructure is up and running and performing with maximum efficiency 24x7
• Work with client and customer teams on importing custom data into Splunk
• Develop monitoring for ensuring Splunk infrastructure health (Disk usage, CPU/Memory usage, Performance)
• Develop reports on Splunk usage share with team and upper management
• Perform upgrades and patch installs of Splunk infrastructure
• Identify opportunities for Application teams to add Splunk Knowledge Objects
• Work with Splunk Support to resolve any issues on time
• Thoroughly document any procedures to support Splunk Infrastructure
• Write scripts to automate Splunk Administration activities
• Experience with Agile methodology
• Support experience in a large enterprise environment

About TEKsystems:

We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.

Skills

• python
• aws
• machine learning
• architecture
• cyber security