Splunk IT Service Intelligence (ITSI) Admin at Cywarden Inc
Remote, Oregon, USA
Full Time


Start Date

Immediate

Expiry Date

28 Nov, 25

Salary

0.0

Posted On

28 Aug, 25

Experience

3 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Appdynamics, Anomaly Detection, Spl, Automation, Indexing, Predictive Analytics, Servicenow, Dashboards

Industry

Information Technology/IT

Description

JOB SUMMARY

We are seeking a Splunk IT Service Intelligence (ITSI) Certified Admin to manage, optimize, and enhance our ITSI environment. The role involves administering Splunk ITSI modules, configuring KPIs, services, glass tables, and correlation searches to enable proactive monitoring and improve IT operations visibility. The ideal candidate will build real-time dashboards, configure predictive alerts, and design escalation workflows that streamline incident detection and resolution.

REQUIRED QUALIFICATIONS:

  • Splunk IT Service Intelligence (ITSI) Certified Admin certification (Mandatory).
  • 3+ years of experience in IT Operations/Service Monitoring.
  • Hands-on expertise in building KPIs, services, glass tables, and correlation searches.
  • Strong Splunk Core Administration skills (deployment, indexing, search optimization).
  • Proficiency with SPL (Search Processing Language) for dashboards, alerts, and reports.
  • Experience configuring Episode Review and KPI-based alerting.

PREFERRED QUALIFICATIONS:

  • Splunk Enterprise Certified Admin or Architect.
  • Experience with predictive analytics, anomaly detection, and machine learning in ITSI.
  • Familiarity with ITIL/ITSM frameworks and incident management workflows.
  • Integration experience with third-party monitoring tools (ServiceNow, Nagios, AppDynamics, etc.).
  • Knowledge of Linux administration, networking concepts, and automation using Python/Shell.

Job Type: Full-time

License/Certification:

  • Splunk IT Service Intelligence (ITSI) Admin Certification (Required)

Security clearance:

  • Confidential (Preferred)

Work Location: Remote

Responsibilities
  • Install, configure, and administer Splunk ITSI modules.
  • Create and maintain services, KPIs, service trees, health scores, glass tables, and correlation searches.
  • Configure ITSI Episode Review policies for event correlation and incident management.
  • Define KPI-based thresholds, alerts, and predictive monitoring for proactive incident detection.
  • Design and maintain custom dashboards and glass tables for real-time monitoring of IT services.
  • Build multi-level drill-down dashboards to analyze service health and performance trends.
  • Work with stakeholders to translate requirements into actionable visualizations for operational and executive teams.
  • Configure alerts and escalation workflows based on KPI thresholds and correlation searches.
  • Automate alerting and reporting to improve efficiency of incident management.
  • Ensure proper alert routing to relevant teams and escalation as per defined SLAs.
  • Manage Splunk environments (indexer/search head clusters, deployment servers, forwarders).
  • Perform troubleshooting of Splunk infrastructure performance, data onboarding, and search optimization.
  • Develop and maintain sourcetypes, field extractions, lookups, and data models for ITSI.
  • Act as a Subject Matter Expert (SME) for Splunk ITSI and dashboards.
  • Perform upgrades, tuning, health checks, and capacity planning for ITSI and Splunk clusters.
  • Automate Splunk ITSI configurations using APIs, deployment server, or scripting (Python/Shell).
  • Collaborate with IT and security teams to onboard new data sources and integrate with third-party tools (e.g., ServiceNow, Nagios, monitoring platforms).