Softility seeks a potential Splunk Consultant with a minimum of 5-6 years of experience focused on Splunk Core responsibilities like architecting Splunk Enterprise setup and managing high availability. This role will join the Softility - Observability and Cloud Solutions Practice that is responsible for managing the Multi tenancy Splunk and Cribl Enterprise of reputed clients with vast infrastructure located in various locations across the globe. This is a strategic position and will be instrumental in the design, implementation, support, performance, optimization, and integrity of the Logging ecosystem. You will work closely with multiple stakeholders and global partners.
Responsibilities
- Integration of various applications and databases to Splunk Enterprise.
- Analyze the existing Splunk set-up to assess the data flow from log sources.
- Identify the data size inflow to Splunk and Cribl and chart an action plan for optimization of data.
- Analyze the required Splunk and Cribl specifications to set up seamless logging flow for Greenfield regions.
- Independently manage and execute the one-time setup and administer the ongoing activities.
- Configure Index and Search Head clustering and integrate with Enterprise Security Search heads.
- Configure Cribl workers and leaders to ensure log ingest from sources flows through Cribl stream with necessary optimization and filtering across the pipelines.
- Enable connectivity between multi-tenancy Splunk and Cribl for seamless InfoSec monitoring.
- Review and identify the noise and unwanted log flow ingest and prepare the estimates for Leadership review
- Clearly communicate the risk stakes and business impact that may occur in infrastructure changes.
- Brainstorm on the probable approaches and best practices in Logging implementations.
- Handle change management and work as On-Call if required.
Requirements
- Minimum 3 years of experience in Splunk real-time deployments and configuration of Cribl worker nodes and filtering.
- Minimum 3 years of experience in Splunk Administration and operational support.
- Hands-on experience in using version control tools such as Git/GitHub.
- Hands on with log management systems like syslog-ng or rsyslog.
- Intermediate or advanced level in any scripting or Python language.
- Experienced in working with business partners to gather and interpret requirements.
- Effective documentation, communication, and interpersonal skills to be able to collaborate within the immediate team as well as with other groups in IT.
Preferred Skills
- Hands-on experience in managing Splunk and Cribl infrastructure and Enterprise Security configurations.
- A Splunk Architect certification or equivalent would be an added advantage.
This job was posted by Careers Softility from Softility.
