We are seeking a skilled Splunk Administrator with expertise in Red Hat Enterprise Linux (RHEL) to join our team. The ideal candidate will be responsible for managing and maintaining Splunk infrastructure, ensuring optimal performance, security, and availability. This role involves troubleshooting, optimizing queries, managing data ingestion, and collaborating with security and operations teams to enhance system monitoring and logging.
Key Responsibilities:
- Install, configure, and maintain Splunk Enterprise in a RHEL environment.
- Manage Splunk indexers, forwarders, search heads, and deployment servers for optimal performance.
- Develop and optimize Splunk queries, dashboards, reports, and alerts.
- Configure and manage Splunk data ingestion from various sources, ensuring proper parsing and indexing.
- Implement security and access controls, including role-based access and encryption.
- Monitor and troubleshoot Splunk performance issues, including indexing latency, storage optimization, and log ingestion failures.
- Support log collection and correlation for security monitoring, compliance, and operational insights.
- Automate Splunk administrative tasks using Python, Bash, or Ansible.
- Work closely with security and IT operations teams to ensure compliance with security policies.
- Perform Splunk software upgrades, patching, and version migrations.
- Document configurations, best practices, and troubleshooting procedures.
Required Skills & Qualifications:
- 3+ years of experience as a Splunk Administrator in a production environment.
- Strong experience with RHEL (Red Hat Enterprise Linux) administration and shell scripting.
- Proficiency in managing Splunk Enterprise Security (ES), ITSI, or Core.
- Experience with Splunk Data Models, CIM (Common Information Model), and KV Stores.
- Knowledge of Splunk add-ons, apps, and integrations with third-party tools.
- Familiarity with SIEM (Security Information and Event Management) best practices.
- Experience with automation and orchestration using Python, Bash, or Ansible.
- Understanding of TCP/IP, Syslog, SNMP, and log forwarding protocols.
- Strong troubleshooting skills in log ingestion, parsing, and indexing issues.
- Experience working in a large-scale, distributed IT infrastructure.
To apply, simply click the Apply button or send your updated profile to
EA Licence No.:18S9405 / EA Reg. No.:R1330864
Percept Solutions is expanding and actively seeking talented individuals. We encourage applicants to follow Percept Solutions on LinkedIn at https://www.linkedin.com/company/percept-solutions/to stay informed about new opportunities and events.
