RE: Splunk Admin
Location: Remote
Client: IBM/MTA
The Splunk Administrator / Security Correlation Engineer (SCE) must be able to perform tasks and use the Splunk tool, perform backups, define security alerts and manage search jobs. The Specialist must understand how to install and upgrade Splunk Enterprise and Splunk ES, how to manage Splunk Phantom, the integration with Splunk Cloud, and how to create and handle incidents with Splunk professional services.
The configuration of data from external sources and the enhancement of data are important skills. The Splunk Administrator/SCE will manage indexes, indexers and clusters of indexers. The Splunk Administrator/SCE is responsible for scaling platform deployments, troubleshooting, and documenting all changes and upgrades.
Qualifications
Professional Skills:
Strong verbal and written communication skills (English and Spanish).
Must be able to communicate with a wide variety of audiences, both business and technical.
Active and attentive listening skills.
Ability and willingness to work individually or in a team setting.
Establishes and maintains effective relationships.
Technical Skills:
Splunk Enterprise Admin Certification (Admin Cloud is a plus)
2-3 years of Splunk experience in a Linux clustered environment.
1+ years working with Splunk, preferably in a clustered environment.
Hands-on experience with Splunk in a Linux/Unix environment.
Experience with onboarding custom application logs.
Good understanding of sourcetypes, event types and tagging.
Job title: Splunk Admin