JOB DESCRIPTION

Responsibilities
System Operations
Perform checks and troubleshoot, if necessary, to ensure the Splunk services are running as intended for all environments.
Maintain and monitor Splunk infrastructure (Search Heads, Indexers, Forwarders, Deployment Server, Cluster Master, etc.).
Ensure uptime and system health via monitoring, tuning, and log analysis (including introspection, metrics logs).
Perform checks and troubleshoot if necessary, to ensure that the Splunk forwarders are working and can pipe logs back to Splunk systems.
Perform parser validation or write new custom parser according to the Authority’s request
Ensure Splunk supports threat detection, auditing, and incident response use cases.
Problem Resolution
Investigate problems and provide assistance to triage issues.
Track and report issues, support cases and incident resolutions on a weekly basis.
System Monitoring & System changes
Monitor Security advisory, new releases, notifications and maintenance expiry dates for all Software used in the System and assess the impact, if any.
Deploy and test system changes in the non-production environments when required.

REQUIREMENTS

• Experience working on Splunk system
• Possess Splunk Enterprise Certified Admin certifications or equivalent.

Please refer the Job description for details