Splunk Engineer

4 weeks ago


Singapore Unison Group Full time
Responsibilities
  • The Splunk Engineer shall perform critical high-risk work during maintenance windows specified by the Client, which may be outside office hours or during weekends.
  • The Splunk Engineer shall be responsible for all corrective and preventive maintenance of the Splunk systems in all environments.
  • The Splunk Engineer shall remediate all vulnerabilities or penetration test findings pertaining to the Splunk systems.
  • The Splunk Engineer can raise tickets to the Splunk principal for support and queries.
  • Perform checks and troubleshoot, if necessary, to ensure the Client's Splunk services are running as intended for all environments.
  • Maintain and monitor Splunk infrastructure (Search Heads, Indexers, Forwarders, Deployment Server, Cluster Master, etc.).
  • Ensure uptime and system health via monitoring, tuning, and log analysis (including introspection and metrics logs).
  • Manage indexing performance and storage usage: data retention, index lifecycle, bucket management.
  • Generate and check reports from the system to ensure the system and agents are working as intended.
  • Perform checks and troubleshoot, if necessary, to ensure that the Splunk forwarders (agents) are working and can pipe logs back to Splunk systems.
  • Perform checks and troubleshoot, if necessary, to ensure the Splunk systems can receive logs from sources such as CloudWatch or syslog servers.
  • Integrate Splunk with the Client's systems and processes to perform real-time monitoring and alert when Splunk infrastructure is not working well, so that issues can be attended to early (e.g., log breaks, disconnected agents, search head hung from insufficient resources, etc.).
  • Fine-tune Splunk rules according to the Client's request.
  • Perform parser validation or write new custom parsers according to the Client's request.
  • Work closely with the Client's SOC to ensure Splunk supports threat detection, auditing, and incident response use cases.
  • Change the passwords for all privileged and service accounts for the Splunk systems regularly.
  • Ensure the Splunk systems are working as intended during the Client's periodic BCP and DR exercises.
Problem Resolution
  • Investigate problems and provide assistance to triage issues.
  • Correct defects in the System, including temporary corrections or workarounds until permanent fixes or updates are available.
  • Prepare incident reports, including the root cause analysis and necessary resolution.
  • Track and report issues, support cases and incident resolutions on a weekly basis.
System Monitoring
  • Monitor security advisories, new releases, notifications and maintenance expiry dates for all software used in the System and assess the impact, if any.
  • Recommend to the Client the best course of action to take and provide all relevant documentation.
  • If the issue arises from a security vulnerability or software incompatibility, the RE shall evaluate and implement fixes to address the vulnerability or incompatibility.
  • Check and remediate findings from the Client's periodic vulnerability and compliance scans.
  • Track and update the Client on the DLP End of Life (EOL) and End of Support (EOS) and plans to maintain product supportability.
System Changes
  • Deploy and test system changes in the non-Production environments when required.
  • Demonstrate that System functionality and performance are not degraded.
  • Implement the system changes into the Production environment upon the Client's acceptance of the testing results.
  • Implement additional use cases, design and develop reports, and tune to reduce false positives and negatives.
Documentation
  • Create or provide the Client with all System related documentation, including standards and procedures, operation manuals, workflows, processes, etc.
  • Update the relevant documentation when changes are made to the System or processes.
Details
  • Seniority level: Mid-Senior level
  • Employment type: Contract
  • Job function: Information Technology
  • Industries: IT Services and IT Consulting
Qualifications
  • At least 3 years' experience working on Splunk systems
  • Possess Splunk Enterprise Certified Admin certification or equivalent
  • Working arrangement: On-site; Official working hours: 8:30am to 6:00pm (Monday to Thursday), 8:30 to 5:30pm (Friday)