Responsibilities
- Design, implement, and maintain distributed and clustered Splunk environments, ensuring seamless integration with infrastructure tools, security devices, and application platforms.
- Partner with cross-functional teams to drive automation efforts using Splunk, Python, dashboards, and AI-powered tools such as Copilot, aligning with security and operational goals.
- Oversee the health and performance of Splunk search heads, indexers, and forwarders, ensuring high availability and scalability for activities impacting the security engineering team.
- Optimize Data Ingestion Pipelines: Configure and manage data inputs, indexes, and source types to ensure accurate and efficient data collection from diverse sources.
- Develop Splunk Use Cases and Content: Create and maintain dashboards, reports, alerts, and other Splunk artifacts to support evolving security monitoring and operational needs.
- Administer Splunk Access Controls: Manage user roles, authentication mechanisms, and access permissions to maintain a secure and compliant Splunk environment.
- Enhance Search Performance: Continuously fine-tune existing SPL queries and dashboards for optimal performance and reduced latency.
- Deploy and Upgrade Splunk Applications: Install and update custom and Splunkbase applications, ensuring compatibility and alignment with business requirements.
- Troubleshoot and Resolve Issues: Investigate and resolve technical issues using Splunk logs, Linux command-line tools, and Python scripting. Escalate and document bugs or vendor-related issues as needed.
- Drive Root Cause Analysis and Documentation: Reproduce issues, perform root cause analysis, and document findings to support continuous improvement and knowledge sharing.
Requirements
- Education: Bachelor’s degree in computer science or related field.
- Certifications (preferred but not explicitly listed): Splunk Certified Power User / Admin / Architect; Coding development using Python and similar.
Essential
- You must be well versed in Splunk SPL, Linux commands and Python scripting.
- Design, deployment, and maintenance of distributed/clustered Splunk environments
- Management of search heads, indexers, forwarders
- Data ingestion: configuring inputs, indexes, source types
- Content creation: dashboards, reports, alerts
- Access control: user roles, authentication
- Application management: installing/upgrading custom and Splunkbase apps
- Scripting & Troubleshooting
- Linux command-line skills
- Python scripting for automation and troubleshooting
- Log analysis and issue reproduction
- Bug reporting and vendor escalation
You must be an experienced developer with good experience in system integration/interfacing.
Depending on the project, your duties may include coding, scripting, and building new systems (where necessary) and interfaces.
For new system build-up, you may need to provide environment support during SIT/UAT.
You are expected to ensure your work is adequately documented and transferred to the production team post-cutover.
You will be expected to work with the senior developers and system architect in formulating technical solutions that are fit for purpose for your assigned projects.
The solution will need to satisfy all security, regulatory and architectural standards.
Key Domain/ Technical Skills
- Integration with infrastructure and security devices
- Security design architecture and process.
- Splunk as a core SPL (Search Processing Language) and reporting
- Python Scripting for automation and troubleshooting.
About us
D L Resources Pte Ltd is a leading provider of IT Professional Services & Banking outsourced staffing solutions, serving a diverse portfolio of clients across various industries including Financial Services Institutions, Banks & MNCs.
How to apply
Interested candidates may reach out directly to our recruiters (Edwin): | EA License No: 24C2333 | EA Personnel No: R