Description
Splunk Consultant
A Splunk Consultant is required by a global FTSE 100 Company with hands-on experience of Splunk Enterprise Security 4/5 running on a Search Head Cluster and Multi-site Index Cluster configurations. This is an initial contract until December 2020!
Responsibilities:
- Administer and monitor Splunk environment across all RDC's Plan,
- deploy and document architecture components, monitoring & alerting setup, troubleshooting guides
- Plan, develop, document and deploy automation and orchestration activity through integration with Security Use Cases.
- Onboarding new data as well as new customers to Splunk.
- Work with new customers to insure they are getting the most out of the data and help design new applications for their specific use.
- Test new versions and components in QA environment for promotion into Production.
- Development of new applications, views, file and database lookups, dashboards, reports, alerts, data collection, scheduling of alerts and reports.
- Create, configure, and manage summary-based reporting and data model acceleration and oversee strategies for improved performance.
- Build a strong enterprise-level model for data normalization, naming conventions, and Splunk application development standards.
- Work with Splunk team to establish priorities, deficits, and strategic goals for all aspects of team operations.
- Assist with the development and implementation of document configuration standards, policies and procedures for operating, managing and ensuring the security of Splunk infrastructure.
- Collaborate with architects, designers, requirements analysts, database and system administrators and developers on system and application design.
- Promote changes and releases through the various test, quality assurance and production systems. Assist in troubleshooting and resolving technical issues causing the unavailability of systems or applications for users.
- Assist in disaster recovery planning, documentation and implementation
Experience Required:
- Hands-on experience with Splunk 7 (>7.1 would be ideal)
- Splunk 6/7 Certified Administrator or Architect
- Hands-on experience with Splunk Enterprise Security 4/5 running on a Search Head Cluster and Multi-site Index Cluster configurations.
- Scripting experience with Regular Expressions, Python, Javascript, XML or other languages.
- Working knowledge with Enterprise technologies (SiteScope, SCCM, Nagios, Puppet, etc.).
- Expert administration knowledge in a number of technical areas which could include Microsoft operating systems, WebSphere, Microsoft SQL Server, PeopleSoft, upgrades, installations, and architecture.
- Experience with technical consulting, big data and/or statistical and analytical modelling.
- Demonstrated aptitude for learning new technologies.
- Ability to effectively communicate technical concepts to other technical staff members as well as non-technical members of the organization.
- Programming with Java, Ruby, PHP, or other Splunk-supported development languages.
- Working knowledge with automation technologies (Puppet, Chef, CFEngine).
- Ability to effectively communicate technical concepts to other technical staff members as well as non-technical members of the organization.
- Strong data analysis skills specializing in system and application log data.
- Strong data organizational skills, proven knowledge of data taxonomy and knowledge-based modelling.
- Detailed understanding software development life cycle principles, practice, & disciplines.
- Programming experience in Scripting, regular expressions, HTTP/XML, and data modelling.
- Strong understanding of enterprise-level architecture, operating systems and management.
- Strong interpersonal and communication skills, written and oral.
- Strong documentation and organizational skills.
- Strong understanding of Data Security principles and practices.
- Excellent written and verbal skills are essential.
- Strong Linux/Unix background with Scripting for automation and troubleshooting.
- Advanced knowledge of logging and troubleshooting.
Splunk Consultant