hireejobsgulf

Splunk System Administrator

7.00 to 10.00 Years   Toronto, Canada   18 Mar, 2022
Job Location: Toronto, Canada
Education: Not Mentioned
Salary: Not Mentioned
Industry: IT Services
Functional Area: Not Mentioned

Job Description

The Splunk Administrator will develop Splunk content to meet specific needs and requirements. Provide content development input into various security tools for ongoing security monitoring. Manage Splunk, Splunk ES, and Splunk UBA. Provide recommendations and implement changes to Splunk managed SaaS environment. Write and develop custom scripts, improve correlation searches and alerts, and develop dashboards as needed. Manage Splunk environment health and performance.

Minimum Qualifications: To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below:

  • Bachelor's degree in a related field or equivalent professional experience required
  • Minimum 5+ years IT experience with three or more years of practical experience in a technology administration role
  • Manages log processing pipeline from parsing through indexing
  • Writes/validates/customizes props and transforms, including field parsing and data model tagging
  • Manages data models and lookups
  • Creates complex searches as needed
  • Supports complex search writing by creating custom elements as needed
  • Serve as the primary escalation point for Splunk/Splunk ES data administration issues including log ingestion issues
  • Serve as an SME for Splunk/Splunk ES data administration tasks
  • Maintains the log collection pipeline lifecycle from endpoint configuration to Splunk/Splunk ES ingestion
  • Develops and implements effective correlation rules in collaboration with other Information Security Team members
  • Advanced knowledge and experience with Splunk
  • Splunk data management, indexing, Data import/export into and out of Splunk.
  • Advanced knowledge of the following:
      o information systems security concepts and technologies
      o network architecture and tools
      o general database concepts

Candidates with these desired skills will be given preferential consideration:

  • Splunk certification
  • Azure Sentinel experience.
  • Certified Information Systems Security Professional (CISSP)
  • Certificate programs in relevant areas
  • Programming experience in any or all of the following languages: C, C++, HTML, PERL, JavaScript, SQL, Assembly, other scripting languages is a plus
