Splunk Engineer

4 days ago

Singapore Unison Group Full time
Responsibilities
  • The Splunk Engineer shall perform critical high-risk works during maintenance windows specified by the Client, which may be off-office hours or during weekends.
  • The Splunk Engineer shall be responsible for all corrective and preventive maintenance of the Splunk systems in all environments.
  • The Splunk Engineer shall remediate all vulnerabilities or penetration test findings pertaining to the Splunk systems.
  • The Splunk Engineer can raise tickets to Splunk principal for support and queries.
  • Perform checks and troubleshoot, if necessary, to ensure the Client's Splunk services are running as intended for all environments.
  • Maintain and monitor Splunk infrastructure (Search Heads, Indexers, Forwarders, Deployment Server, Cluster Master, etc.).
  • Ensure uptime and system health via monitoring, tuning, and log analysis (including introspection, metrics logs).
  • Manage indexing performance and storage usage: data retention, index lifecycle, bucket management.
  • Generate and check reports from the system to ensure the system and agents are working as intended.
  • Perform checks and troubleshoot, if necessary, to ensure that the Splunk forwarders (agents) are working and can pipe logs back to Splunk systems.
  • Perform checks and troubleshoot, if necessary, to ensure the Splunk systems can receive logs from sources such as CloudWatch or syslog servers.
  • Integrate Splunk with the Client's systems and processes to perform real-time monitoring and alert when Splunk infrastructure is not working well, so that issues can be attended to early. (e.g., log breaks, disconnected agents, search-head hung from insufficient resources, etc.)
  • Fine tune Splunk rules according to the Client's request.
  • Perform parser validation or write new custom parser according to the Client's request.
  • Work closely with the Client's SOC to ensure Splunk supports threat detection, auditing, and incident response use cases.
  • Change the passwords for all privilege and services accounts for the Splunk systems regularly.
  • Ensure the Splunk systems is working as intended during the Client's periodic BCP and DR exercises.
Problem Resolution
  • Investigate problems and provide assistance to triage issues.
  • Correct defects in the System, including temporary corrections or workarounds until permanent fixes or updates are available.
  • Prepare incident report including the root cause analysis and necessary resolution.
  • Track and report issues, support cases and incident resolutions on a weekly basis.
System Monitoring
  • Monitor Security advisory, new releases, notifications and maintenance expiry dates for all Software used in the System and assess the impact, if any.
  • Recommend to the Client the best course of action to take and provide all relevant documentation.
  • If the issue arises from a security vulnerability or software incompatibility, the RE shall evaluate and implement fixes to address the vulnerability or incompatibility.
  • Check and remediate findings from the Client's periodic vulnerability and compliance scans.
  • Track and update the Client on the DLP End of Life (EOL) and End of Support (EOS) and plans to maintain product supportability.
System Changes
  • Deploy and test system changes in the non-Production environments when required.
  • Demonstrate that System functionality and performance are not degraded.
  • Implement the system changes into the Production environment upon the Client's acceptance of the testing results.
  • Implementation of additional use cases, report design and development and tuning to reduce false positives and negatives.
Documentation
  • Create or provide the Client with all System related documentation, including standards and procedures, operation manuals, workflows, processes, etc.
  • Update the relevant documentation when changes are made to the System or processes.
Details
  • Seniority level: Mid-Senior level
  • Employment type: Contract
  • Job function: Information Technology
  • Industries: IT Services and IT Consulting
Qualifications
  • At least 3 years experience working on Splunk system
  • Possess Splunk Enterprise Certified Admin certifications or equivalent
  • Working arrangement: On-site; Official working hours: 8:30am to 6:00pm (Monday to Thursday), 8:30 to 5:30pm (Friday)
#J-18808-Ljbffr

  • Splunk Engineer

    3 days ago

    Singapore INFINITY CYBERSEC PTE. LTD. Full time

    **Responsibilities**: - Manage multiple assignments, changing priorities, and work independently with little oversight - Build, implement, and administer Splunk in Windows and Linux environments - Provide overall engineering and design support for a distributed Splunk environment consisting of heavy forwarders, indexers, and search head servers, spanning...

  • Splunk Engineer

    3 days ago

    Singapore INFINITY CYBERSEC PTE. LTD. Full time

    We are looking for the Splunk Engineer for our customers, the position will post to client site, and experienced in Splunk is must and at least architect level certification, the client sites as below: 1: Banking environment, Splunk experienced and certified. 2. Secure Site, Splunk experienced and certified. Cat1 required.

  • Splunk Engineer

    2 weeks ago

    Singapore Unison Consulting Pte Ltd Full time

    The proposed Splunk Engineer shall have the following qualifications: At least 3 years experience working on Splunk system Possess Splunk Enterprise Certified Admin certifications or equivalent. Working arrangement: Ability to work independently and ensure the smooth operation of the System. Official working hours: 8:30 am to 6:00 pm (Monday to Thursday),...

  • Splunk Engineer

    4 days ago

    Singapore Unison Consulting Pte Ltd Full time $90,000 - $120,000 per year

    The proposed Splunk Engineer shall have the following qualifications:At least 3 years experience working on Splunk system Possess Splunk Enterprise Certified Admin certifications or equivalent. Working arrangement:To able to work independently and ensure smooth running of the System. Official working hours: 8.30am to 6.00pm (Monday to Thursday), 8.30 to...

  • Manager, Sales Engineering

    1 week ago

    Singapore Splunk Full time

    **Manager, Sales Engineering**: Join us as we pursue our disruptive new vision to make machine data accessible, usable and valuable to everyone. We are a company filled with people who are passionate about our product and seek to deliver the best experience for our customers. At Splunk, we’re committed to our work, customers, having fun and most...

  • Manager, Solutions Engineering

    4 days ago

    Singapore Splunk Full time

    Overview Join us as we pursue our disruptive new vision to make machine data accessible, usable and valuable to everyone. We are a company filled with people who are passionate about our product and seek to deliver the best experience for our customers. At Splunk, we're committed to our work, customers, having fun and most importantly to each other's...

  • Manager, Solutions Engineering

    2 days ago

    Singapore Splunk Full time

    Overview Join us as we pursue our disruptive new vision to make machine data accessible, usable and valuable to everyone. We are a company filled with people who are passionate about our product and seek to deliver the best experience for our customers. At Splunk, we're committed to our work, customers, having fun and most importantly to each other's...

  • Senior Technical Success Engineer

    2 weeks ago

    Singapore Splunk Full time

    Splunk is here to build a safer and more resilient digital world. The world's leading enterprises use our unified security and observability platform to keep their digital systems secure and reliable. While customers love our technology, it's our people that make Splunk stand out as an amazing career destination and why we've won so many awards as a best...

  • Technical Support Engineer

    5 days ago

    Singapore Splunk Full time

    Join us as we pursue our disruptive new vision to make machine data accessible, usable and valuable to everyone. We are a company filled with people who are passionate about our product and seek to deliver the best experience for our customers. At Splunk, we’re committed to our work, customers, having fun and most importantly to each other’s success....

  • Manager, Solutions Engineering

    4 days ago

    Singapore Splunk Full time

    Join us as we pursue our disruptive new vision to make machine data accessible, usable and valuable to everyone. We are a company filled with people who are passionate about our product and seek to deliver the best experience for our customers. At Splunk, we’re committed to our work, customers, having fun and most importantly to each other’s...