Senior Splunk Engineer

**Location**

Singapore, West

**Job Type**

Permanent

**Salary**

$6,000 - $10,000 Per Month

**Date Posted**

6 hours ago

Additional Details

**Job ID**

111787

**Job Views**

16

**Job Description**:
Roles & Responsibilities
**What you will be doing**
**Splunk Deployment and problem management**:

- End to end support for the global enterprise-scale (20 TB/day) Splunk Core and Splunk Enterprise Security implementation, including components like Multisite index clusters, Search heads clusters, deployment servers, etc.
- Proactively monitor and respond to the issues with the system, including the regular monitoring of the MC, and admin alerts.
- Respond to the system alerts generated by Splunk, which indicate system health issues.
- Managing the configurations effectively in version control systems (GitLab) to make sure wrong configurations are fixed/reverted.
- Create/Manage Splunk support tickets with vendor Splunk as necessary.
- Regular monitoring of the environment in conjunction with projected future growth for capacity planning and providing advice to Architect and program manager for scaling to meet future demands.
**Splunk Data onboarding management**:

- Document existing and newly ingested data sources and monitor all onboarded data sources for feed run-dry.
- Document installation steps, support procedures, backup and recovery, troubleshooting, etc.
- Proactively Monitor the Splunk data feeds, create and set up alerts, dashboards, and reports.
- Expertise in writing advanced SPL queries and knowledge of CIM, Data model mapping, Splunk knowledge objects like extracted fields, events, tags relevant for Dashboard development.
- Finetune dashboards /reports for improved performance using Splunk best practices.
**Splunk software maintenance and upgrade**:

- Perform maintenance & upgrades of Splunk indexers, search heads, forwarders, and deployment servers.
- Troubleshoot technical issues to establish the root cause of the problems and form a solution or workaround across Splunk Core and ES.
- Drive continuous improvement in the process and product supportability.
**What you should have**
- 6+ years of experience with Unix/Linux, and SIEM platform administration.
- 4+ years of Splunk Core and Splunk ES experience at an Admin level. Splunk Architect is great
- Expert level Splunk core Admin and SPL experience for relatively large Splunk deployments is required
- Splunk core admin certification is a must, ES admin certification is a plus.
- Experience with GitLab, Regular expressions, tcpdump, etc.
- Working knowledge and ITIL foundation-level experience are required. ITIL Foundation certification is a plus.
- Understanding of cyber security domain concepts, tools, networking, and web technologies. Security+ certification is a plus.
- Analyze complex problems, think creatively, communicate recommendations, influence change, and be able to drive process and structure into a highly dynamic environment
- Strong written and verbal communication skills
- Strong work ethic and commitment to accomplishing assigned tasks.
**Benefits you will have**
- Flexible work arrangement (because we understand Life happens)
- Comprehensive medical benefits (including physical health screenings and term life insurance benefits)
- AWS and variable bonus
- Special staff purchase rates
- Flexible benefits (so you can claim for that staycay or gym membership you’ve been eyeing)
- Corporate social responsibility time off for 1 day each year to volunteer for a charity of your choice
- Milestone gifts (such as long service award and marriage gift because we want to celebrate both your professional and personal milestones)
- Wellness activities to promote healthy lifestyles
- Curated training programmes to encourage continuous professional development

At Sony, we strive to create a place for you to realise your potential and inspire you to make positive impact through innovation, smart collaboration and boundless curiosity. We are looking for people who believe that they can enrich lives and help us achieve our purpose - fill the world with emotion, through the power of creativity and technology.

Tags

senior

splunk

engineer