Splunk Engineer/Administrator

Role : Splunk Engineer/Administrator
Location :San Antonio, TX (Hybrid)
Duration : 12+ Month Contract
Visa : GC, USC, GC-EAD
Exp : 12+ years

Splunk Engineer/Administrator. This is a 12+ month contract opportunity based out of San Antonio, TX/ (Hybrid).

Qualifications:
 

8+ years of overall IT experience.
3+ years’ experience in managing, designing, and configuring Splunk environment (both on-prem and cloud).
3+ years’ experience in a Linux environment, including administration, scripting, or supporting applications.
Experience with Splunk Enterprise Security Premium Application and Splunk Enterprise.
Experience in requirement gathering and documentation.
Experience in developing and supporting Splunk Applications.
Experience in automation with programming languages like Python, JAVA, .NET, and Ansible is a plus.
Experience in technologies like GIT, JIRA, and Automation Testing.
Familiarity with Phantom, Cloud computing, Web Interfaces, Databases, Big Data technologies (like Hadoop, Kafka, etc.).
Understanding of Continuous Delivery and Continuous Integration.
Splunk Admin Certification is mandatory.
Excellent communication and interpersonal skills.
Splunk core admin experience is mandatory.

Responsibilities:

Support, admin, maintain, and expand Splunk infrastructure to meet future architecture design and deployment requirements.
Develop distributed Splunk applications, including requirement gathering, coordinating Splunk setup.
Recommended Splunk implementation best practices and fixes.
Design, implement, and optimize Splunk applications (to include Enterprise Security), queries, knowledge objects, and data models.
Perform basic and advanced scripting tasks with Splunk to automate repeatable processes using Python.
Deploy Best Practices for developing Splunk Apps and create a conceptual architecture for a continuous improvement initiative.
Provide an Impact assessment for migration efforts.
Support Performance Testing and User Acceptance Testing.
Design and implement Custom Searches and reports.
Build proof of concepts for Splunk enhancements.
Tuning information model, defining reusable templates.
Define reusable view templates, and retention & archival policies.
Provide an Impact assessment for migration efforts and coordinate migration activities.

Nice to Have:

Experience in Security information and event management (SIEM).
Experience with RTIR.
Certifications in Splunk, CISSP or similar.