Splunk Engineer or Administrator @ Creeno Solutions

Job Title: Splunk Engineer or Administrator

Experience: 5 to 8 yrs
Location: Hyderabad
Job Type: Permanent
Work Schedule: This is a 24x7 support team. Ideal candidate would be willing to work night and weekend
shifts
Job Summary:
Provide overall engineering and design support for a very large distributed state of the art Splunk
environment. The Splunk Engineer/Admin would be responsible for enhancing the architecture,
performance tuning and Operational support in prod and non-prod environments. The candidate should
be familiar with recognizing and onboarding new applications into Splunk, perform trend analysis, build
dashboards and make recommendations.
Responsibilities:
Develop distributed Splunk applications, including requirement gathering, coordinating Splunk
setup
Support, maintain and expand Splunk infrastructure to meet future architecture design and
deployment requirements
Perform basic and advanced scripting tasks with Splunk to automate repeatable processes using
Python
Design, implement and optimize Splunk applications (to include Enterprise Security), queries,
knowledge objects, and data models.
Develop new dashboards, searches, and alerts to enhance Enterprise Security use cases.
Deploy Best Practices for developing Splunk Apps and create conceptual architecture for a
continuous improvement initiative
Provide Impact assessment for migration efforts.
Support Performance Testing and User Acceptance Testing
Design and implement Custom Searches and reports
Build PoCs for Splunk enhancements
Tuning information model, defining reusable templates
Define reusable view templates, and retention & archival policies
Provide Impact assessment for migration efforts, and coordinate migration activities
Mentor and train other System Engineers both onshore and offshore
Qualifications:
3 years experience in Managing, Designing, Configuring Splunk environment.
3 years experience in Unix environment including Administration, Scripting or Supporting
applications.
Experience in managing a large distributed Splunk environment consisting of Search heads,
Indexers, Cluster masters, Deployers, Deployment Servers, and Heavy/Universal forwarders
Experience in Syslog, Splunk HTTP Event Collection (HEC) and Windows Event Collection Services.
Experience in Developing Splunk Dashboards, Reports, Alerts, Visualizations and Optimize
searches
Experience in Log parsing, lookups, calculated fields, extractions using regex
Experience with one or more of the Splunk applications like DBConnect, ServiceNow, AWS, Azure,
Kafka.
Experience in Splunk ITSI Module and Phantom will be added advantage.
Experience with Splunk Enterprise Security Premium Application.
Experience in requirement gathering and documentation.
Experience in automation with programming languages like Python, JAVA, .Net, XML, HTML.
Knowledge and Experience in GIT, Bitbucket, Bamboo, Ansible, Chef, JIRA
Familiarity with network topology, UDP, TCP, Proxys, Firewalls, Routers, and Switches.
Familiarity with Phantom, Cloud computing, Web Interfaces, Databases, and Big Data
technologies (like Hadoop, Kafka, etc.).
Understanding of Continuous Delivery and Continuous Integration.
Experience in coordinating with offshore support teams/virtual teams.
Excellent communication and interpersonal skills.
Nice to have experience in Security information and event management (SIEM).
Nice to have experience with RTIR

Please apply with your latest resume in word format to: rasi.n at creenosolutions.com