Senior Splunk Consultant

Employment Type :
Full-time

Experience :
5+ Years

Technical Skills :

• Minimum 3 years of experience in Splunk real-time deployments and configuration of Cribl worker nodes and filtering.
• Minimum 3 years of experience in Splunk Administration and operational support.
• Hands on experience in using version control tools such as Git/GitHub.
• Hands on with log management systems like syslog-ng or rsyslog.
• Intermediate or advanced level in any scripting or Python languages.
• Experienced in working with business partners to gather and interpret requirements
• Effective documentation, communication, and interpersonal skills able to collaborate within the immediate team as well as with other groups in IT.

Preferred Skills :

• Hands-on experience in managing Splunk & Cribl infrastructure and Enterprise Security configurations.
• Splunk Architect certification or equivalent would be an added advantage.

Responsibilities :

Softility Inc. seeks a potential Splunk consultant with minimum 5-6 years of experience focused on Splunk Core responsibilities like architecting Splunk Enterprise set-up and managing the high availability.

• This role will join the Softility – Observability & Cloud Solutions Practice that is responsible for managing the Multi tenancy Splunk & Cribl Enterprise of reputed clients with vast infrastructure located in various locations across the globe.
• This is a strategic position and will be instrumental in the design, implementation, support, performance, optimization and integrity of the Logging ecosystem
• You will work closely with multiple stakeholders and global partners.
• This is a multi-disciplinary role that will interact directly with developers and different IT functions including Security Engineering teams to;
• Integration of various applications and databases to Splunk Enterprise.
• Analyze the existing Splunk set-up to assess the data flow from log sources.
• Identify the data size inflow to Splunk & Cribl and charter action plan for optimization of data.
• Analyze the required Splunk & Cribl specifications to set up seamless logging flow for Greenfield regions.
• Independently manage and execute the one-time set up and administer the on-going activities.
• Configure Index and Search Head clustering and integrate with Enterprise Security Search heads.
• Configure Cribl workers and leader to ensure log ingest from sources flow through Cribl stream with necessary optimization filtering across the pipelines.
• Enable connectivity between multi tenancy Splunk and Cribl for seamless InfoSec monitoring.
• Review and identify the noise and unwanted log flow ingest and prepare the estimates for Leadership review
• Clearly communicate the risk stakes and business impact that may occur in infrastructure changes.
• Brainstorm on the probable approaches and best practices in Logging implementations.
• Handle change management and work as On-Call if required.