Splunk

Year    Pune, Maharashtra, India

Job Description


Job Title: Splunk Administrator
Required Technical Skill Set: Splunk Admin
Desired Experience Range: 4-6 years
Location of Requirement: Pune/Hyderabad

Summary: We are seeking a skilled Splunk Administrator to manage and optimize our Splunk environment. The role involves implementing, maintaining, and troubleshooting Splunk infrastructure, ensuring data integrity, and enabling advanced analytics and insights. The ideal candidate will have expertise in configuring Splunk forwarders, developing dashboards and reports, and managing Splunk's integration with various systems.

Key Responsibilities:

- Experience in design, implementation, and support of Splunk (Indexers, Forwarders, Search Heads setup, etc.).
- Experience with implementing and administering Splunk.
- Splunk upgrades on large-scale enterprise client environments.
- Validate log sources and indexed data; search through indexed data to optimize search criteria.
- Ensure system availability, performance optimization, and security compliance.
- Troubleshoot issues related to data ingestion, search queries, and application functionality.
- Collaborate with IT, Security, and Development teams to align Splunk use cases with organizational goals.
- Expertise in building use cases around the NIST and MITRE ATT&CK frameworks to enable detection at various stages of a cyber attack.
- Implementation of use cases using SPL/KQL with complex correlation across different data sources.
- Development of dashboards/workbooks and alerts.
- Implementation of SOAR workflows using Logic Apps, Phantom, Demisto, etc.
- Experience with Linux and Windows agents for Splunk administration, with a solid understanding of the Splunk system.
- Ability to create operations documentation for maintaining the Splunk infrastructure.
- Monitor the Splunk infrastructure for capacity planning and optimization.
- Experience in onboarding new data, inputting new information, creating new dashboards, and extracting information through Splunk.
- Report generation and customization.
- Assist and support application architects, product managers, and architecture teams.
- Coordinate with high-level professionals, technical teams, IT management, other related staff, and third-party vendors.

Qualifications:

- Hands-on experience in managing Splunk Enterprise and Splunk Cloud.
- Proficiency in Splunk SPL (Search Processing Language) and dashboard creation.
- Strong understanding of system and network architectures.
- Experience with log onboarding and knowledge of syslog, JSON, and other data formats.
- Certifications such as Splunk Certified Admin or Architect are a plus.

Soft skills include:

- Strong problem-solving and analytical skills.
- Excellent communication and teamwork abilities.
- Ability to work independently and manage multiple tasks effectively.

Q1 Technologies


Job Detail

  • Job Id
    JD3591233
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Pune, Maharashtra, India
  • Education
    Not mentioned
  • Experience
    Year