Splunk Engineer

Responsibilities

Work on complex / escalated incidents, problems and changes within the Operational environment.

Manage, lead and prioritise a team of Security Analysts working in operational environment, provide level 3 operational support and own achieving SLAs for agreed service metrics.

Provide leadership and training to technical support staff including mentoring of 2nd line support staff to improve diagnostic skills and encouraging them to achieve security product accreditation.

Carry out SPLUNK Consultancy and implementation in support of customer project work.

Form an integral part of a 24 hour support rota to provide 24x7 support to the designated customer.

Produce scripts and supporting documentation to allow the 3rd line diagnostic team to undertake remote software downloads configuration changes and implementation of new customer projects.

Attend meetings on behalf of the team and line manager.

Experience And Skills

Professional/Technical Competencies:

Mandatory: 8-12 years of hand-on experience in operation and management of security infrastructure.

Minimum 8 years of hands-on skills on one or more of the following technologies

Experience in Upgrades, Solution designing and implementation of various security products.

Should be willing to work in 24x7 shifts.

Demonstrated knowledge of ITIL principles and processes.

Troubleshoot SPLUNK server and forwarder problems and issues.

Assist internal users of SPLUNK in designing and maintaining production-quality dashboards.

Monitor the SPLUNK infrastructure for capacity planning, system health, availability, and optimization.

Assist with design of core scripts to automate SPLUNK maintenance and alerting tasks. Support SPLUNK on UNIX, Linux and Windows-based platforms. Assist with automation of processes and procedures

Bring new data into the SPLUNK platform per client request, creating custom sourcetypes when necessary.

Verify custom reports, manage log source groups, and validate log sources with client

Troubleshoot issues if reports generated form Splunk have incorrect data

Should be able to re-initialize indexing if required.

Experienced in administering and Maintaining Splunk Servers

Solid experience of writing and analyzing Splunk Queries

Ability to provide Tier 3 support and manage complex and escalated tickets in production environment.

Leadership skills to deliver quality service in individual role or manage a team of engineers to deliver service as per agreed SLAs.

Ability to communicate (both written & oral) clearly with various internal stakeholders and customer

Highly Desirable

Good hands on experience with the installation and administration .

Experience on working in a global support environment, experience of ticketing-tools and exposure to ITIL processes in context of service operations is a plus.

Ability to investigate logs

Splunk certification( Power user Certification) would be preferred

Experience of providing support to international customers in live environment

Full time