Splunk Cloud Expert
Posted 2 years ago
We’re looking for a Splunk Expert! Reach out if you’re interested and feel free to refer friends/colleagues!
Type of Employment: Contract
Title: Data Architect
Location: Remote for now – Toronto/Ottawa
Job ID number: C1288
Brief description of duties:
- Provide recommendations for migrating from our current use of the Splunk App for Infrastructure and Splunk App for AWS for health monitoring of our IT environment, towards using either Splunk IT Essentials Work or Splunk ITSI. Create and implement the migration plan.
- Configure log/event ingestion of log/event types of IT systems (e.g. firewall appliances, backup software, security software, custom apps, etc.) that are not natively supported through apps/add-ons on Splunkbase.
- Configure log/event ingestion of log/event types that are supported through available apps/add-ons on Splunkbase which are not currently being collected in Splunk Cloud.
- Create and optimize custom Splunk alerts, dashboards, and reports used for both security and IT health monitoring and alerting.
- Suggest and implement improvements for building automation between Splunk and other IT systems for the purpose of security operations.
- Complete Splunk operational activities (e.g. requests from Splunk Support to perform required maintenance activities, addressing source types that have ceased logging to Splunk, addressing incident tickets from the client Splunk users, etc.).
- Collaborate with team members and provide guidance, instruction, training, and knowledge transfer to them; document implemented changes.
- Splunk Cloud
- Configuring collection of new source types into Splunk
- Knowledge and experience with the Splunk App for Infrastructure, Splunk ITSI, and Splunk IT Essentials Work
- Possession of Splunk certifications such as Splunk Core Certified Consultant, Splunk Enterprise Certified Architect, Splunk Cloud Certified Admin.
| Job Category | Splunk developer |
| Configuring collection of new sourcetypes into Splunk | 5-3 |
| Splunk App for Infrastructure, Splunk ITSI, and Splunk IT Essentials Work | 1-3 |